<pre style='margin:0'>
Clemens Lang (neverpanic) pushed a commit to branch master
in repository macports-ports.

</pre>
<p><a href="https://github.com/macports/macports-ports/commit/2881fee3dc5298576f685b885cd536de94a47884">https://github.com/macports/macports-ports/commit/2881fee3dc5298576f685b885cd536de94a47884</a></p>
<pre style="white-space: pre; background: #F8F8F8"><span style='display:block; white-space:pre;color:#808000;'>commit 2881fee3dc5298576f685b885cd536de94a47884
</span>Author: Clemens Lang <cal@macports.org>
AuthorDate: Tue Sep 3 22:12:57 2024 +0200

<span style='display:block; white-space:pre;color:#404040;'>    openssl3: Update to 3.3.2, fix two CVEs
</span><span style='display:block; white-space:pre;color:#404040;'>    
</span><span style='display:block; white-space:pre;color:#404040;'>    See https://openssl-library.org/news/secadv/20240903.txt and
</span><span style='display:block; white-space:pre;color:#404040;'>    https://openssl-library.org/news/secadv/20240627.txt for the upstream
</span><span style='display:block; white-space:pre;color:#404040;'>    advisories.
</span><span style='display:block; white-space:pre;color:#404040;'>    
</span><span style='display:block; white-space:pre;color:#404040;'>    The changelog is at https://openssl-library.org/news/openssl-3.3-notes/.
</span><span style='display:block; white-space:pre;color:#404040;'>    
</span><span style='display:block; white-space:pre;color:#404040;'>    The source code has moved to GitHub releases, so adjust the source
</span><span style='display:block; white-space:pre;color:#404040;'>    accordingly.
</span><span style='display:block; white-space:pre;color:#404040;'>    
</span><span style='display:block; white-space:pre;color:#404040;'>    CVE: CVE-2024-6119
</span><span style='display:block; white-space:pre;color:#404040;'>    CVE: CVE-2024-5535
</span>---
 devel/openssl3/Portfile | 28 ++++++++++------------------
 1 file changed, 10 insertions(+), 18 deletions(-)

<span style='display:block; white-space:pre;color:#808080;'>diff --git a/devel/openssl3/Portfile b/devel/openssl3/Portfile
</span><span style='display:block; white-space:pre;color:#808080;'>index ce53c95c4e6..aff063bc12c 100644
</span><span style='display:block; white-space:pre;background:#e0e0ff;'>--- a/devel/openssl3/Portfile
</span><span style='display:block; white-space:pre;background:#e0e0ff;'>+++ b/devel/openssl3/Portfile
</span><span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -4,16 +4,22 @@ PortSystem          1.0
</span> PortGroup           compiler_blacklist_versions 1.0
 PortGroup           muniversal 1.0
 PortGroup           legacysupport 1.1
<span style='display:block; white-space:pre;background:#e0ffe0;'>+PortGroup           github 1.0
</span> 
 # Availability.h
 legacysupport.newest_darwin_requires_legacy 8
 
 set major_v         3
<span style='display:block; white-space:pre;background:#ffe0e0;'>-name                openssl$major_v
</span> # For former rollback to 3.1.x release where needed. Must now stay.
 epoch               1
<span style='display:block; white-space:pre;background:#ffe0e0;'>-version             ${major_v}.3.1
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-revision            1
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+github.setup        openssl openssl ${major_v}.3.2 openssl-
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+name                openssl3
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+revision            0
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+github.tarball_from releases
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+checksums           rmd160  a904b3c3c9fcb9ab9248bfc0225003fa610d382f \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+                    sha256  2e8a40b01979afe8be0bbfb3de5dc1c6709fedb46d6c89c10da114ab5fc3d281 \
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+                    size    18076531
</span> 
 # Please revbump these ports when updating the openssl3 version/revision
 #  - freeradius (#43461)
<span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -33,26 +39,12 @@ long_description    The OpenSSL Project is a collaborative effort to \
</span>                     Security (TLS v1) protocols as well as \
                     a full-strength general purpose cryptography \
                     library.
<span style='display:block; white-space:pre;background:#ffe0e0;'>-homepage            https://www.openssl.org
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+homepage            https://www.openssl-library.org
</span> 
 depends_lib         port:zlib
 
 distname            openssl-${version}
 
<span style='display:block; white-space:pre;background:#ffe0e0;'>-# See https://www.openssl.org/source/mirror.html
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-master_sites        ${homepage}/source \
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-                    ftp://gd.tuwien.ac.at/infosys/security/openssl/source/ \
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-                    http://mirror.switch.ch/ftp/mirror/openssl/source/ \
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-                    ftp://ftp.fi.muni.cz/pub/openssl/source/ \
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-                    ftp://ftp.pca.dfn.de/pub/tools/net/openssl/source/ \
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-                    http://artfiles.org/openssl.org/source/ \
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-                    ftp://ftp.linux.hr/pub/openssl/source/ \
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-                    ftp://guest.kuria.katowice.pl/pub/openssl/source/
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-checksums           rmd160  f7d3736a023dcf7d40db016182ca6d1de5a6fa69 \
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-                    sha256  777cd596284c883375a2a7a11bf5d2786fc5413255efab20c50d6ffe6d020b7e \
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-                    size    18055752
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span> # Old obsolete subport for overriding version holdback
 # Make it explicitly obsolete for now
 #
</pre><pre style='margin:0'>

</pre>