22 January 2015 the OpenSSL project releases OpenSSL 1.0.2 as their next major version
19 March 2014 OpenSSL releases 1.0.2a fixing a large number of CVE's and some bugs
21 March 2015 the OpenSSL port was updated from 1.0.1m to 1.0.2a, skipping 1.0.2
Using OpenSSL from ports
For your /etc/make.conf
will make all ports link ports OpenSSL. The ports not linking correctly are listed in Ports linking base OpenSSL and have been discovered in PR195796 the NO_SSL2 exp-build run. Beware that that list is no longer up-to-date, some have been fixed with the LibreSSL porting work.
The primary change is bump of the shared library versions from .7 to .8
You will run into issues if you don't rebuild all ports linking to OpenSSL. Some ports will still have or have had issues where they rely on features in base that link against ports (notably, curl required base Kerberos which linked against base OpenSSL resulting in failures when building with ports OpenSSL). Please create an entry on this page and notify brnrd@ via mail or Barnerd on FreeNode or EFNet.
Ports overlapping libssl from base and from ports
segfaults, backtrace shows
#0 0x00000008022962e3 in ssl_create_cipher_list () from /usr/local/lib/libssl.so.8 #1 0x000000080bd3fc3b in SSL_CTX_new () from /usr/lib/libssl.so.7
VirtualBox fails NS_ERROR_FACTORY_NOT_REGISTERED
Likely some OpenSSL fall-out
mail/fetchmail "errors not reported properly"
Via #bsdports on EFnet