package/libopenssl: security bump to version 1.0.2n
authorBernd Kuhls <bernd.kuhls@t-online.de>
Sat, 9 Dec 2017 19:57:05 +0000 (20:57 +0100)
committerPeter Korsgaard <peter@korsgaard.com>
Sun, 10 Dec 2017 19:56:15 +0000 (20:56 +0100)
Fixes CVE-2017-3737 & CVE-2017-3738:
https://www.openssl.org/news/secadv/20171207.txt

Added license hash.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
package/libopenssl/libopenssl.hash
package/libopenssl/libopenssl.mk

index c6226c302fb1872c66196e87a79a311c3fa4b840..e3d3da757d8bd76aa0e7821e490de40d577b6fb7 100644 (file)
@@ -1,7 +1,8 @@
-# From https://www.openssl.org/source/openssl-1.0.2m.tar.gz.sha256
-sha256 8c6ff15ec6b319b50788f42c7abc2890c08ba5a1cdcd3810eb9092deada37b0f        openssl-1.0.2m.tar.gz
+# From https://www.openssl.org/source/openssl-1.0.2n.tar.gz.sha256
+sha256 370babb75f278c39e0c50e8c4e7493bc0f18db6867478341a832a982fd15a8fe        openssl-1.0.2n.tar.gz
 # Locally computed
 sha256 eddd8a5123748052c598214487ac178e4bfa4e31ba2ec520c70d59c8c5bfa2e9        openssl-1.0.2a-parallel-install-dirs.patch?id=c8abcbe8de5d3b6cdd68c162f398c011ff6e2d9d
 sha256 147c3eeaad614c044749ea527cb433eae5e2d5cad34a78c6ba61cd967bfbe01f        openssl-1.0.2a-parallel-obj-headers.patch?id=c8abcbe8de5d3b6cdd68c162f398c011ff6e2d9d
 sha256 30cb49489de5041841a74da9155cd4fabfbce33237262ba7cd23974314ae2956        openssl-1.0.2a-parallel-symlinking.patch?id=c8abcbe8de5d3b6cdd68c162f398c011ff6e2d9d
 sha256 deaf6f3af41874ecc6d63841ea14b8e6c71cea81d4a511a754bc90c9a993147f        openssl-1.0.2d-parallel-build.patch?id=c8abcbe8de5d3b6cdd68c162f398c011ff6e2d9d
+sha256 9ee37d72966bb4a841343f0606ce44d41b3eae4df4285200c5a8ddc2b935992a        LICENSE
index 8cccb9c606c4d2e77087af89d3333e582a25317f..5a78676c64a345c27087d5940bd13ceb73460922 100644 (file)
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-LIBOPENSSL_VERSION = 1.0.2m
+LIBOPENSSL_VERSION = 1.0.2n
 LIBOPENSSL_SITE = http://www.openssl.org/source
 LIBOPENSSL_SOURCE = openssl-$(LIBOPENSSL_VERSION).tar.gz
 LIBOPENSSL_LICENSE = OpenSSL or SSLeay