Opened 10 years ago
Closed 10 years ago
#45403 closed update (fixed)
openssl 1.0.1j
| Reported by: | Schamschula (Marius Schamschula) | Owned by: | mww@… |
|---|---|---|---|
| Priority: | High | Milestone: | |
| Component: | ports | Version: | |
| Keywords: | security | Cc: | sierkb@…, neverpanic (Clemens Lang) |
| Port: | openssl |
Description
openssl has been updated to address the "POODLE" SSLv3 fallback issue.
Attachments (1)
Change History (8)
Changed 10 years ago by Schamschula (Marius Schamschula)
| Attachment: | Portfile-openssl.diff added |
|---|
comment:1 Changed 10 years ago by sierkb@…
| Cc: | sierkb@… added |
|---|
comment:2 Changed 10 years ago by sierkb@…
Please update port openssl from version 1.0.1i to latest version 1.0.1j as soon as possible.
Please update port openssl97 from version 0.9.7m to latest version 0.9.8zc as well.
See: OpenSSL Security Advisory [15 Oct 2014] https://www.openssl.org/news/secadv_20141015.txt.
comment:3 Changed 10 years ago by neverpanic (Clemens Lang)
| Cc: | cal@… added |
|---|---|
| Priority: | Normal → High |
comment:4 Changed 10 years ago by neverpanic (Clemens Lang)
| Keywords: | security added |
|---|
comment:5 Changed 10 years ago by mf2k (Frank Schima)
| Cc: | mww@… removed |
|---|---|
| Owner: | changed from macports-tickets@… to mww@… |
| Version: | 2.3.1 |
comment:6 Changed 10 years ago by neverpanic (Clemens Lang)
OpenSSL updated in r126888.
I'd like to outright delete (or mark as replaced_by openssl) openssl97. It seems the branch is no longer maintained, and updating the "97" port to the 0.9.8 series sounds wrong. Nothing depends on it, so really, users should never install it.
Markus, do you have an opinion on that? If I don't hear from you until maintainer timeout I'm going to go ahead and delete it.
comment:7 Changed 10 years ago by neverpanic (Clemens Lang)
| Resolution: | → fixed |
|---|---|
| Status: | new → closed |
Deleted openssl97 in r127040.
Cc Me!