From e11df1eac62f23263e90c54d87bc69a7021e72b7 Mon Sep 17 00:00:00 2001 From: Hauke Mehrtens Date: Wed, 15 Aug 2018 22:17:11 +0200 Subject: openssl: update to version 1.0.2p This fixes the following security problems: * CVE-2018-0732: Client DoS due to large DH parameter * CVE-2018-0737: Cache timing vulnerability in RSA Key Generation Signed-off-by: Hauke Mehrtens --- package/libs/openssl/Makefile | 4 ++-- package/libs/openssl/patches/150-no_engines.patch | 2 +- package/libs/openssl/patches/200-parallel_build.patch | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/package/libs/openssl/Makefile b/package/libs/openssl/Makefile index 8409730..b64a51d 100644 --- a/package/libs/openssl/Makefile +++ b/package/libs/openssl/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=openssl PKG_BASE:=1.0.2 -PKG_BUGFIX:=o +PKG_BUGFIX:=p PKG_VERSION:=$(PKG_BASE)$(PKG_BUGFIX) PKG_RELEASE:=1 PKG_USE_MIPS16:=0 @@ -24,7 +24,7 @@ PKG_SOURCE_URL:= \ http://gd.tuwien.ac.at/infosys/security/openssl/source/ \ http://www.openssl.org/source/ \ http://www.openssl.org/source/old/$(PKG_BASE)/ -PKG_HASH:=ec3f5c9714ba0fd45cb4e087301eb1336c317e0d20b575a125050470e8089e4d +PKG_HASH:=50a98e07b1a89eb8f6a99477f262df71c6fa7bef77df4dc83025a2845c827d00 PKG_LICENSE:=OpenSSL PKG_LICENSE_FILES:=LICENSE diff --git a/package/libs/openssl/patches/150-no_engines.patch b/package/libs/openssl/patches/150-no_engines.patch index 102e7a3..a518a00 100644 --- a/package/libs/openssl/patches/150-no_engines.patch +++ b/package/libs/openssl/patches/150-no_engines.patch @@ -1,6 +1,6 @@ --- a/Configure +++ b/Configure -@@ -2136,6 +2136,11 @@ EOF +@@ -2144,6 +2144,11 @@ EOF close(OUT); } diff --git a/package/libs/openssl/patches/200-parallel_build.patch b/package/libs/openssl/patches/200-parallel_build.patch index 0616551..37134e4 100644 --- a/package/libs/openssl/patches/200-parallel_build.patch +++ b/package/libs/openssl/patches/200-parallel_build.patch @@ -173,7 +173,7 @@ apps: @(cd ..; $(MAKE) DIRS=apps all) -@@ -586,7 +586,7 @@ $(DTLSTEST)$(EXE_EXT): $(DTLSTEST).o ssl +@@ -593,7 +593,7 @@ $(DTLSTEST)$(EXE_EXT): $(DTLSTEST).o ssl # fi dummytest$(EXE_EXT): dummytest.o $(DLIBCRYPTO) -- cgit v1.1