From db45fe25b65a5fd03edbe91a88f233efee8ceb26 Mon Sep 17 00:00:00 2001 From: schmonz Date: Sat, 18 Dec 2021 13:55:18 +0000 Subject: [PATCH] Update to 3.4.2. From the LibreSSL changelog: * In some situations the X.509 verifier would discard an error on an unverified certificate chain, resulting in an authentication bypass. Thanks to Ilya Shipitsin and Timo Steinlein for reporting. --- security/libretls/Makefile | 4 ++-- security/libretls/distinfo | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/security/libretls/Makefile b/security/libretls/Makefile index 78fcdaa729d6..86b6a2ac9bf5 100644 --- a/security/libretls/Makefile +++ b/security/libretls/Makefile @@ -1,6 +1,6 @@ -# $NetBSD: Makefile,v 1.5 2021/10/18 14:33:04 schmonz Exp $ +# $NetBSD: Makefile,v 1.6 2021/12/18 13:55:18 schmonz Exp $ -DISTNAME= libretls-3.4.1 +DISTNAME= libretls-3.4.2 CATEGORIES= security MASTER_SITES= https://causal.agency/libretls/ diff --git a/security/libretls/distinfo b/security/libretls/distinfo index 61f8d943ea67..b2c14ed2a887 100644 --- a/security/libretls/distinfo +++ b/security/libretls/distinfo @@ -1,5 +1,5 @@ -$NetBSD: distinfo,v 1.7 2021/10/26 11:17:15 nia Exp $ +$NetBSD: distinfo,v 1.8 2021/12/18 13:55:18 schmonz Exp $ -BLAKE2s (libretls-3.4.1.tar.gz) = 75134babc919e5efd000519f8fc85d0c34f75ec5cb4e87ebe5b8707120feddf0 -SHA512 (libretls-3.4.1.tar.gz) = 5d8b8d6cafd4b3c7e97eb417dad35a415bd69d599e9ee720f5598452a6750589b570ffa52718062d2ae3477df81b2316064577a25d2c68fa673082bb766b16ad -Size (libretls-3.4.1.tar.gz) = 435404 bytes +BLAKE2s (libretls-3.4.2.tar.gz) = 4db43b5e22127dda7838787d2bb96df6bd9632efbcc8623d76f5e64335281a1e +SHA512 (libretls-3.4.2.tar.gz) = 0ded26558b74a00e5e05629d577c07ad9b8a8955aacbd7f97d6d1c81d4e7ccfe7c2fe0cc5bcb03fffb282cd51b8404236371d0074e39508099d1990fc3e065ba +Size (libretls-3.4.2.tar.gz) = 435457 bytes