Index: head/security/libressl/Makefile =================================================================== --- head/security/libressl/Makefile (revision 439761) +++ head/security/libressl/Makefile (revision 439762) @@ -1,44 +1,45 @@ # Created by: Vsevolod Stakhov # $FreeBSD$ PORTNAME= libressl PORTVERSION= 2.5.3 +PORTREVISION= 1 CATEGORIES= security devel MASTER_SITES= OPENBSD/LibreSSL MAINTAINER= brnrd@FreeBSD.org COMMENT= Free version of the SSL/TLS protocol forked from OpenSSL LICENSE= BSD4CLAUSE LICENSE_FILE= ${WRKSRC}/COPYING CPE_VENDOR= openbsd OPTIONS_DEFINE= MAN3 NC OPTIONS_DEFAULT= MAN3 NC MAN3_DESC= Install API manpages (section 3) NC_DESC= Install TLS-enabled netcat CONFLICTS_INSTALL= libressl-devel-[0-9]* \ openssl-[0-9]* \ openssl-devel-[0-9]* MAN3_EXTRA_PATCHES_OFF= ${FILESDIR}/extra-patch-MAN3 NC_CONFIGURE_ENABLE= nc GNU_CONFIGURE= yes USES= cpe libtool pathfix pkgconfig USE_LDCONFIG= yes OPTIONS_SUB= yes CFLAGS+= -fpic -DPIC -Wl,-rpath,${PREFIX}/lib -Wl,--as-needed INSTALL_TARGET= install-strip TEST_TARGET= check post-install: ${RM} -r ${STAGEDIR}/${PREFIX}/etc/ssl/cert.pem post-install-NC-on: ${INSTALL_MAN} ${WRKSRC}/apps/nc/nc.1 ${STAGEDIR}/${PREFIX}/man/man1/nc.1 .include Index: head/security/libressl/files/patch-CVE-2017-8301 =================================================================== --- head/security/libressl/files/patch-CVE-2017-8301 (nonexistent) +++ head/security/libressl/files/patch-CVE-2017-8301 (revision 439762) @@ -0,0 +1,32 @@ +https://marc.info/?l=openbsd-cvs&m=149342064612660 + +=================================================================== +RCS file: /cvs/src/lib/libcrypto/x509/x509_vfy.c,v +retrieving revision 1.61 +retrieving revision 1.61.4.1 +diff -u -r1.61 -r1.61.4.1 +--- crypto/x509/x509_vfy.c 2017/02/05 02:33:21 1.61 ++++ crypto/x509/x509_vfy.c 2017/04/28 23:12:04 1.61.4.1 +@@ -1,4 +1,4 @@ +-/* $OpenBSD: x509_vfy.c,v 1.61 2017/02/05 02:33:21 beck Exp $ */ ++/* $OpenBSD: x509_vfy.c,v 1.61.4.1 2017/04/28 23:12:04 beck Exp $ */ + /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) + * All rights reserved. + * +@@ -541,15 +541,7 @@ + /* Safety net, error returns must set ctx->error */ + if (ok <= 0 && ctx->error == X509_V_OK) + ctx->error = X509_V_ERR_UNSPECIFIED; +- +- /* +- * Safety net, if user provided verify callback indicates sucess +- * make sure they have set error to X509_V_OK +- */ +- if (ctx->verify_cb != null_callback && ok == 1) +- ctx->error = X509_V_OK; +- +- return(ctx->error == X509_V_OK); ++ return ok; + } + + /* Given a STACK_OF(X509) find the issuer of cert (if any) Property changes on: head/security/libressl/files/patch-CVE-2017-8301 ___________________________________________________________________ Added: fbsd:nokeywords ## -0,0 +1 ## +yes \ No newline at end of property Added: svn:eol-style ## -0,0 +1 ## +native \ No newline at end of property Added: svn:mime-type ## -0,0 +1 ## +text/plain \ No newline at end of property