1
0
mirror of https://git.FreeBSD.org/ports.git synced 2024-11-18 00:10:04 +00:00

security/cryptlib: update to 3.4.7 release.

PR:		282203
Submitted by:	Alven <alster@vinterdalen.se>
Security:	CVE-2024-0202
This commit is contained in:
Alex Dupre 2024-10-22 17:31:22 +02:00
parent 8a48baa401
commit 53b58221ad
6 changed files with 14 additions and 46 deletions

View File

@ -1,5 +1,5 @@
PORTNAME= cryptlib PORTNAME= cryptlib
DISTVERSION= 3.4.6 DISTVERSION= 3.4.7
CATEGORIES= security CATEGORIES= security
MASTER_SITES= https://cryptlib-release.s3-ap-southeast-1.amazonaws.com/ MASTER_SITES= https://cryptlib-release.s3-ap-southeast-1.amazonaws.com/
DISTNAME= ${PORTNAME}${PORTVERSION:S/.//g} DISTNAME= ${PORTNAME}${PORTVERSION:S/.//g}

View File

@ -1,3 +1,3 @@
TIMESTAMP = 1679305871 TIMESTAMP = 1729514079
SHA256 (cryptlib346.zip) = c72cfd103eb9fa9f205c14c84ce4fbdf3ead1e2447e830b164dc335141f747bd SHA256 (cryptlib347.zip) = e3f617ea55b1c2c6ea1a27ccc7c8dd4972d3428dfbb0c8ba52a3e4a3ea98ada6
SIZE (cryptlib346.zip) = 6826568 SIZE (cryptlib347.zip) = 7041396

View File

@ -1,6 +1,6 @@
--- makefile.orig 2021-09-10 22:27:18 UTC --- makefile.orig 2023-07-04 09:46:00 UTC
+++ makefile +++ makefile
@@ -1859,7 +1859,7 @@ BSD/OS: @@ -1941,7 +1941,7 @@ FreeBSD:
$(MAKE) $(DEFINES) CFLAGS="$(CFLAGS) -fomit-frame-pointer -O3" $(MAKE) $(DEFINES) CFLAGS="$(CFLAGS) -fomit-frame-pointer -O3"
FreeBSD: FreeBSD:

View File

@ -1,6 +1,6 @@
--- misc/os_spec.h.orig 2021-09-11 19:27:14 UTC --- misc/os_spec.h.orig 2023-02-10 20:29:06 UTC
+++ misc/os_spec.h +++ misc/os_spec.h
@@ -610,9 +610,8 @@ typedef int BOOLEAN_INT; @@ -607,9 +607,8 @@ typedef int BOOLEAN_INT;
variants, this presumably extends to SH5 as well so we treat va_lists on variants, this presumably extends to SH5 as well so we treat va_lists on
Super-H as scalars */ Super-H as scalars */

View File

@ -1,11 +1,11 @@
--- test/certs.c.orig 2023-03-20 10:42:36 UTC --- test/certs.c.orig 2023-01-31 00:46:48 UTC
+++ test/certs.c +++ test/certs.c
@@ -52,7 +52,7 @@ @@ -52,7 +52,7 @@
#if defined( __MWERKS__ ) || defined( SYMANTEC_C ) || defined( __MRC__ ) #if defined( __MWERKS__ ) || defined( SYMANTEC_C ) || defined( __MRC__ )
#define CERTTIME_DATETEST ( ( ( 2021 - 1970 ) * ONE_YEAR_TIME ) + 2082844800L ) #define CERTTIME_DATETEST ( ( ( 2022 - 1970 ) * ONE_YEAR_TIME ) + 2082844800L )
#else #else
- #define CERTTIME_DATETEST ( ( 2021 - 1970 ) * ONE_YEAR_TIME ) - #define CERTTIME_DATETEST ( ( 2022 - 1970 ) * ONE_YEAR_TIME )
+ #define CERTTIME_DATETEST ( ( 2023 - 1970 ) * ONE_YEAR_TIME ) + #define CERTTIME_DATETEST ( ( 2024 - 1970 ) * ONE_YEAR_TIME )
#endif /* Macintosh-specific weird epoch */ #endif /* Macintosh-specific weird epoch */
#if ( ULONG_MAX > 0xFFFFFFFFUL ) || defined( _M_X64 ) #if ( ULONG_MAX > 0xFFFFFFFFUL ) || defined( _M_X64 )
#define SYSTEM_64BIT #define SYSTEM_64BIT

View File

@ -1,6 +1,6 @@
--- tools/ccopts.sh.orig 2021-10-21 02:27:26 UTC --- tools/ccopts.sh.orig 2023-07-11 00:09:58 UTC
+++ tools/ccopts.sh +++ tools/ccopts.sh
@@ -675,7 +675,7 @@ hasSafeStackLibs() @@ -603,7 +603,7 @@ if [ $ISCLANG -gt 0 ] && [ $ISSPECIAL -eq 0 ] ; then
if [ $ISCLANG -gt 0 ] && [ $ISSPECIAL -eq 0 ] ; then if [ $ISCLANG -gt 0 ] && [ $ISSPECIAL -eq 0 ] ; then
if [ $COMPILER_VER -ge 47 ] ; then if [ $COMPILER_VER -ge 47 ] ; then
@ -9,35 +9,3 @@
# The versions of clang shipped with OS X or OpenBSD don't # The versions of clang shipped with OS X or OpenBSD don't
# support -fsanitize=safe-stack even as late as clang 12, so # support -fsanitize=safe-stack even as late as clang 12, so
# there's not much that we can do. # there's not much that we can do.
@@ -892,31 +892,6 @@ fi
# a big deal. As a convenient side-effect, this also enables the use of
# ASLR where it's supported.
-if [ "$ARCH" = "i586" ] || [ "$ARCH" = "i686" ] || [ "$ARCH" = "x86_64" ] ; then
- if [ "$COMPILER_VER" -ge 45 ] ; then
- if [ $GENERICBUILD -gt 0 ] ; then
- echo " (Enabling lowest-common-denominator build options for cross-platform library)." >&2 ;
- else
- CCARGS="$CCARGS -march=native -mtune=generic" ;
- fi
- if [ "$ARCH" = "x86_64" ] ; then
- CCARGS="$CCARGS -fPIC" ;
- fi ;
- elif [ "$COMPILER_VER" -ge 30 ] ; then
- case $ARCH in
- 'x86_64')
- CCARGS="$CCARGS -march=opteron -fPIC" ;;
-
- 'i686')
- CCARGS="$CCARGS -march=pentiumpro" ;;
-
- *)
- CCARGS="$CCARGS -march=pentium" ;;
- esac ;
- else
- CCARGS="$CCARGS -mcpu=pentium" ;
- fi ;
-fi
# gcc 4.x for 64-bit architectures has an optimiser bug that removes an
# empty-list check in cryptlib's list-management code (this has been