Navigation:
Browse pkgsrc
(this page)
security openssl
CVSweb ] [ 
Homepage ] [ 
RSS ] [ 
Required by ] [ 
Add to tracker ]| 2025-10-05 16:22:44 by Jonathan Schleifer | Files touched by this commit (1) |
Log message: devel/openssl: Use BROKEN_ON_PLATFORM instead of NOT_FOR_PLATFORM |
| 2025-10-05 04:26:34 by Jonathan Schleifer | Files touched by this commit (1) |
Log message: security/openssl: NOT_FOR_PLATFORM+=QNX-*-* |
2025-10-03 11:11:10 by Adam Ciarcinski | Files touched by this commit (3) |  |
Log message: openssl: updated to 3.6.0 OpenSSL 3.6.0 is a feature release adding significant new functionality to OpenSSL. This release incorporates the following potentially significant or incompatible changes: Added NIST security categories for PKEY objects. Added support for EVP_SKEY opaque symmetric key objects to the key derivation and key exchange provider methods. Added EVP_KDF_CTX_set_SKEY(), EVP_KDF_derive_SKEY(), and EVP_PKEY_derive_SKEY() functions. Added LMS signature verification support as per [SP 800-208].. This support is present in both the FIPS and default providers. An ANSI-C toolchain is no longer sufficient for building OpenSSL. The code should be built using compilers supporting C-99 features. Support for the VxWorks platforms has been removed. Added an openssl configutl utility for processing the OpenSSL configuration file and dumping the equal configuration file. Added support for FIPS 186-5 deterministic ECDSA signature generation to the FIPS provider. Deprecated EVP_PKEY_ASN1_METHOD-related functions. |
| 2025-09-30 18:11:00 by Thomas Klausner | Files touched by this commit (2) | |
Log message:
openssl: update to 3.5.4.
OpenSSL 3.5.4 is a security patch release. The most severe CVE fixed in this
release is Moderate.
This release incorporates the following bug fixes and mitigations:
* Fix Out-of-bounds read & write in RFC 3211 KEK Unwrap.
([CVE-2025-9230])
* Fix Timing side-channel in SM2 algorithm on 64 bit ARM.
([CVE-2025-9231])
* Fix Out-of-bounds read in HTTP client no_proxy handling.
([CVE-2025-9232])
* Reverted the synthesised `OPENSSL_VERSION_NUMBER` change for the release
builds, as it broke some exiting applications that relied on the previous
3.x semantics, as documented in `OpenSSL_version(3)`.
|
| 2025-09-22 07:51:24 by Adam Ciarcinski | Files touched by this commit (3) | |
Log message: openssl: updated to 3.5.3 OpenSSL 3.5.3 is a bug fix release. This release incorporates the following bug fixes and mitigations: Added FIPS 140-3 PCT on DH key generation. Fixed the synthesised OPENSSL_VERSION_NUMBER. |
| 2025-08-05 22:03:24 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message: openssl: updated to 3.5.2 OpenSSL 3.5.2 is a bug fix release. This release incorporates the following bug fixes and mitigations: Miscellaneous minor bug fixes. The FIPS provider now performs a PCT on key import for RSA, EC and ECX. This is mandated by FIPS 140-3 IG 10.3.A additional comment 1. |
| 2025-07-03 09:29:11 by Adam Ciarcinski | Files touched by this commit (1) |
Log message: openssl: remove unused patch |
| 2025-07-01 16:45:15 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message: openssl: updated to 3.5.1 OpenSSL 3.5.1 is a security patch release. The most severe CVE fixed in this release is Low. This release incorporates the following bug fixes and mitigations: Fix x509 application adds trusted use instead of rejected use. ([CVE-2025-4575]) |
New packages: