Comment 1 Thierry Carrez (RETIRED) 2004-10-21 08:08:20 UTC

Created attachment 42317 [details, diff]
Patch from RedHat bug

Patch from RedHat

Comment 2 Thierry Carrez (RETIRED) 2004-10-21 08:11:23 UTC

Our /etc/ssl/misc/der_chop is affected.
Its use looks deprecated. It should be patched or removed.

Comment 3 Thierry Carrez (RETIRED) 2004-10-25 00:34:57 UTC

This is no-herd and aliz doesn't seem active ATM. Looks like we'll have to fix this one ourselves.

If it's really deprecated (like they say on the RedHat bug), then it should probably be removed rather than fixed.

Comment 4 Thierry Carrez (RETIRED) 2004-10-30 09:25:40 UTC

Crypto herd : there is no sign from Aliz. I know openssl is technically no-herd, but I thought you could help.

The idea is to patch or remove the der_chop script. Thanks is advance :)

Comment 5 Thierry Carrez (RETIRED) 2004-11-05 06:23:35 UTC

Given patch applies cleanly to 0.9.7d-r1

Comment 6 Thierry Carrez (RETIRED) 2004-11-05 07:16:55 UTC

Thx to dragonheart for the patch.
Arches please test and mark 0.9.7d-r2 stable

Comment 7 Gustavo Zacarias (RETIRED) 2004-11-05 07:34:34 UTC

>>> md5 src_uri ;-) openssl-0.9.7d.tar.gz
>>> md5 src_uri ;-) openssl-0.9.6m.tar.gz
>>> Unpacking source...
>>> Unpacking openssl-0.9.7d.tar.gz to /var/tmp/portage/openssl-0.9.7d-r2/work
>>> Unpacking openssl-0.9.6m.tar.gz to /var/tmp/portage/openssl-0.9.7d-r2/work
 * Applying openssl-0.9.7c-tempfile.patch ...                                               [ ok ] * Applying openssl-0.9.7d-gentoo.diff ...                                                  [ ok ] * Applying openssl-0.9.7d-smime.patch ...                                                  [ ok ]sed: -e expression #1, char 88: Unknown option to `s'

!!! ERROR: dev-libs/openssl-0.9.7d-r2 failed.
!!! Function src_unpack, Line 98, Exitcode 1
!!! sed failed
!!! If you need support, post the topmost build error, NOT this status message.

Comment 8 Markus Rothe (RETIRED) 2004-11-05 13:09:15 UTC

works for me (ebuild/patch and ssl itself).

stable on ppc64.

Markus

Comment 9 Karol Wojtaszek (RETIRED) 2004-11-05 14:34:07 UTC

Stable on amd64

Comment 10 Bryan Østergaard (RETIRED) 2004-11-05 17:46:49 UTC

Stable on alpha.

Comment 11 Jason Wever (RETIRED) 2004-11-05 19:52:02 UTC

sparc'd

Comment 12 Thierry Carrez (RETIRED) 2004-11-06 01:13:47 UTC

Security, please vote on GLSA need. I /think/ this doesn't warrant a GLSA (der_chop being quite deprecated), but we issued other GLSAs for Netatalk's etc2ps.sh and krb5's send-pr.sh... Maybe a grouped GLSA with the davfs and groff ones ? 

Comment 13 Sune Kloppenborg Jeppesen (RETIRED) 2004-11-06 04:01:12 UTC

I vote for a grouped GLSA.

Comment 14 Thierry Carrez (RETIRED) 2004-11-06 05:36:12 UTC

Waiting for davfs

Comment 15 Joshua Kinard 2004-11-07 01:51:22 UTC

mips stable.

Comment 16 Thierry Carrez (RETIRED) 2004-11-07 10:26:44 UTC

davfs will take too much time, issuing GLSA with only openssl and groff

Comment 17 Thierry Carrez (RETIRED) 2004-11-08 02:50:46 UTC

GLSA 200411-15
arm hppa ia64 s390 : please mark stable to benefit from GLSA