From nobody Tue Oct 22 15:36:51 2024 X-Original-To: dev-commits-ports-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4XXx9v45NNz5PcBk; Tue, 22 Oct 2024 15:36:51 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4XXx9v3XlWz4LgX; Tue, 22 Oct 2024 15:36:51 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1729611411; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=1JBLgkhnWWEDv7YRbn+r0B854wlH5b9bUe80QH46SNI=; b=JvlFsLOlhl1qddqdsVXjpBmyr7Jw1fZdXUeTp6Mysb+/QKZ+Nw48OHTA952RmPu4FKGJ/N e6MwsryTaxvh2dlBvWBnnJGyIOf6X7PSchII0/NAvaB+ByqfGOdTUAbf/cNSTVBY604ukA OgjeQAseZafs3K/X9zGcaiOQ4XBK+9mSJdCd0amaHRoTG403IOLyIYxRI4L4ep3HH9GhMF T1hpAdkNBGJMaUcnBIXCL3JFkHlI7GbwtDmhBYtQCqRkXrt+EopQHcexnfLssx0l7YD7Jb HburVzVapeZhcabgdP9oeVenZfUeagOJ5rIVcEZQZjP3rMLXTqKhz+MjdICagg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1729611411; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=1JBLgkhnWWEDv7YRbn+r0B854wlH5b9bUe80QH46SNI=; b=aKBMD07Hd3YlQ0oJCS6yR+FTDbU2C9CBuGrpGEsGyHbMxLL7RsUwOpJAXlYmyBdJ4L3/MX k7n2zX/sz3Hc9o0Mp0ZVSSZSdeGoDeEsMGFPvIM+HDckbm/4EOXwutyx/nK5sCzXEdOmkq 0nZap0PO1SuNSwr+IwDFj2+n5gGQ/zxBVQ0PBijTo4JmmeCc76R89+NG4MGRGOcwg/I3RA TTHhckSB7E3MmAlWiDpJmN/690Xdqol8vetSZl6caqohLaIDoY+Vy48huxQ9wtFsPJdUkm 6J7lw5BGTIY1m+w4/IH1z/F5APTAbf389u4Zw7F67zbekDzA13BAub0h8y2yhA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1729611411; a=rsa-sha256; cv=none; b=Zn40Brju9sJTlZkXGPg8nYE+qqxZvnoWQHvXTacKNovSc13REHJuYlfpW/F8u4ekwFEuOp mBnH3bGS276Pmqr078GL+/e6YCJU6/buu4c6yYmWnCBM+Ca2pTD2aFP4nEUbvWfS46/9PX ghYfq74MJRpQSUre/XXb/t5PSZMdkKhk1yhTOQ11zFKvk/W9veMvtIC5SbqREZIGW7IyaI 98wEes3TKPM5wVqGohAN1l9AlnP6kqPsy/7ilE289LCjZKJK+nsH0sAIv2BbyhGSgD88vQ ZbEZwMLD5AddIs1F6e/HulN7JyzpRB6gT8ITlCElFsYMEwOSOOw868dOr3cC1Q== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4XXx9v30CpzKKZ; Tue, 22 Oct 2024 15:36:51 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 49MFapF2072373; Tue, 22 Oct 2024 15:36:51 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 49MFapim072370; Tue, 22 Oct 2024 15:36:51 GMT (envelope-from git) Date: Tue, 22 Oct 2024 15:36:51 GMT Message-Id: <202410221536.49MFapim072370@gitrepo.freebsd.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org From: Alex Dupre Subject: git: 53b58221ade1 - main - security/cryptlib: update to 3.4.7 release. List-Id: Commit messages for all branches of the ports repository List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-ports-all@freebsd.org Sender: owner-dev-commits-ports-all@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: ale X-Git-Repository: ports X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 53b58221ade14504875fbd818f42ee551f65f79e Auto-Submitted: auto-generated The branch main has been updated by ale: URL: https://cgit.FreeBSD.org/ports/commit/?id=53b58221ade14504875fbd818f42ee551f65f79e commit 53b58221ade14504875fbd818f42ee551f65f79e Author: Alex Dupre AuthorDate: 2024-10-22 15:31:22 +0000 Commit: Alex Dupre CommitDate: 2024-10-22 15:33:29 +0000 security/cryptlib: update to 3.4.7 release. PR: 282203 Submitted by: Alven Security: CVE-2024-0202 --- security/cryptlib/Makefile | 2 +- security/cryptlib/distinfo | 6 ++--- security/cryptlib/files/patch-makefile | 4 +-- security/cryptlib/files/patch-misc_os__spec.h | 4 +-- security/cryptlib/files/patch-test_certs.c | 8 +++--- security/cryptlib/files/patch-tools_ccopts.sh | 36 ++------------------------- 6 files changed, 14 insertions(+), 46 deletions(-) diff --git a/security/cryptlib/Makefile b/security/cryptlib/Makefile index a306eb97b224..42b59ea691f4 100644 --- a/security/cryptlib/Makefile +++ b/security/cryptlib/Makefile @@ -1,5 +1,5 @@ PORTNAME= cryptlib -DISTVERSION= 3.4.6 +DISTVERSION= 3.4.7 CATEGORIES= security MASTER_SITES= https://cryptlib-release.s3-ap-southeast-1.amazonaws.com/ DISTNAME= ${PORTNAME}${PORTVERSION:S/.//g} diff --git a/security/cryptlib/distinfo b/security/cryptlib/distinfo index 4e31fa1950d6..59a3e7b72af6 100644 --- a/security/cryptlib/distinfo +++ b/security/cryptlib/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1679305871 -SHA256 (cryptlib346.zip) = c72cfd103eb9fa9f205c14c84ce4fbdf3ead1e2447e830b164dc335141f747bd -SIZE (cryptlib346.zip) = 6826568 +TIMESTAMP = 1729514079 +SHA256 (cryptlib347.zip) = e3f617ea55b1c2c6ea1a27ccc7c8dd4972d3428dfbb0c8ba52a3e4a3ea98ada6 +SIZE (cryptlib347.zip) = 7041396 diff --git a/security/cryptlib/files/patch-makefile b/security/cryptlib/files/patch-makefile index 6f255e18d9d2..0ab07a73ea8f 100644 --- a/security/cryptlib/files/patch-makefile +++ b/security/cryptlib/files/patch-makefile @@ -1,6 +1,6 @@ ---- makefile.orig 2021-09-10 22:27:18 UTC +--- makefile.orig 2023-07-04 09:46:00 UTC +++ makefile -@@ -1859,7 +1859,7 @@ BSD/OS: +@@ -1941,7 +1941,7 @@ FreeBSD: $(MAKE) $(DEFINES) CFLAGS="$(CFLAGS) -fomit-frame-pointer -O3" FreeBSD: diff --git a/security/cryptlib/files/patch-misc_os__spec.h b/security/cryptlib/files/patch-misc_os__spec.h index 66d060b78bd7..4fc1e99d45aa 100644 --- a/security/cryptlib/files/patch-misc_os__spec.h +++ b/security/cryptlib/files/patch-misc_os__spec.h @@ -1,6 +1,6 @@ ---- misc/os_spec.h.orig 2021-09-11 19:27:14 UTC +--- misc/os_spec.h.orig 2023-02-10 20:29:06 UTC +++ misc/os_spec.h -@@ -610,9 +610,8 @@ typedef int BOOLEAN_INT; +@@ -607,9 +607,8 @@ typedef int BOOLEAN_INT; variants, this presumably extends to SH5 as well so we treat va_lists on Super-H as scalars */ diff --git a/security/cryptlib/files/patch-test_certs.c b/security/cryptlib/files/patch-test_certs.c index 8d9b05f4093c..30ea0fea6744 100644 --- a/security/cryptlib/files/patch-test_certs.c +++ b/security/cryptlib/files/patch-test_certs.c @@ -1,11 +1,11 @@ ---- test/certs.c.orig 2023-03-20 10:42:36 UTC +--- test/certs.c.orig 2023-01-31 00:46:48 UTC +++ test/certs.c @@ -52,7 +52,7 @@ #if defined( __MWERKS__ ) || defined( SYMANTEC_C ) || defined( __MRC__ ) - #define CERTTIME_DATETEST ( ( ( 2021 - 1970 ) * ONE_YEAR_TIME ) + 2082844800L ) + #define CERTTIME_DATETEST ( ( ( 2022 - 1970 ) * ONE_YEAR_TIME ) + 2082844800L ) #else -- #define CERTTIME_DATETEST ( ( 2021 - 1970 ) * ONE_YEAR_TIME ) -+ #define CERTTIME_DATETEST ( ( 2023 - 1970 ) * ONE_YEAR_TIME ) +- #define CERTTIME_DATETEST ( ( 2022 - 1970 ) * ONE_YEAR_TIME ) ++ #define CERTTIME_DATETEST ( ( 2024 - 1970 ) * ONE_YEAR_TIME ) #endif /* Macintosh-specific weird epoch */ #if ( ULONG_MAX > 0xFFFFFFFFUL ) || defined( _M_X64 ) #define SYSTEM_64BIT diff --git a/security/cryptlib/files/patch-tools_ccopts.sh b/security/cryptlib/files/patch-tools_ccopts.sh index 040bf62ddbf0..ad81eac26a3d 100644 --- a/security/cryptlib/files/patch-tools_ccopts.sh +++ b/security/cryptlib/files/patch-tools_ccopts.sh @@ -1,6 +1,6 @@ ---- tools/ccopts.sh.orig 2021-10-21 02:27:26 UTC +--- tools/ccopts.sh.orig 2023-07-11 00:09:58 UTC +++ tools/ccopts.sh -@@ -675,7 +675,7 @@ hasSafeStackLibs() +@@ -603,7 +603,7 @@ if [ $ISCLANG -gt 0 ] && [ $ISSPECIAL -eq 0 ] ; then if [ $ISCLANG -gt 0 ] && [ $ISSPECIAL -eq 0 ] ; then if [ $COMPILER_VER -ge 47 ] ; then @@ -9,35 +9,3 @@ # The versions of clang shipped with OS X or OpenBSD don't # support -fsanitize=safe-stack even as late as clang 12, so # there's not much that we can do. -@@ -892,31 +892,6 @@ fi - # a big deal. As a convenient side-effect, this also enables the use of - # ASLR where it's supported. - --if [ "$ARCH" = "i586" ] || [ "$ARCH" = "i686" ] || [ "$ARCH" = "x86_64" ] ; then -- if [ "$COMPILER_VER" -ge 45 ] ; then -- if [ $GENERICBUILD -gt 0 ] ; then -- echo " (Enabling lowest-common-denominator build options for cross-platform library)." >&2 ; -- else -- CCARGS="$CCARGS -march=native -mtune=generic" ; -- fi -- if [ "$ARCH" = "x86_64" ] ; then -- CCARGS="$CCARGS -fPIC" ; -- fi ; -- elif [ "$COMPILER_VER" -ge 30 ] ; then -- case $ARCH in -- 'x86_64') -- CCARGS="$CCARGS -march=opteron -fPIC" ;; -- -- 'i686') -- CCARGS="$CCARGS -march=pentiumpro" ;; -- -- *) -- CCARGS="$CCARGS -march=pentium" ;; -- esac ; -- else -- CCARGS="$CCARGS -mcpu=pentium" ; -- fi ; --fi - - # gcc 4.x for 64-bit architectures has an optimiser bug that removes an - # empty-list check in cryptlib's list-management code (this has been