From: Gustavo Zacarias Date: Thu, 3 Dec 2015 17:49:42 +0000 (-0300) Subject: openssl: security bump to version 1.0.2e X-Git-Url: https://git.libre-soc.org/?a=commitdiff_plain;h=e9fb14ecef2427d3b98586c667f1e19112de5f90;p=buildroot.git openssl: security bump to version 1.0.2e Fixes: CVE-2015-3193 - BN_mod_exp may produce incorrect results on x86_64 CVE-2015-3194 - Certificate verify crash with missing PSS parameter CVE-2015-3195 - X509_ATTRIBUTE memory leak Enable IDEA as well since otherwise the build breaks (always great upstream) - it's no longer patent encumbered. [Peter: correct sha256] Signed-off-by: Gustavo Zacarias Signed-off-by: Peter Korsgaard --- diff --git a/package/openssl/openssl.hash b/package/openssl/openssl.hash index 355be79067..dee8ab9627 100644 --- a/package/openssl/openssl.hash +++ b/package/openssl/openssl.hash @@ -1,2 +1,2 @@ -# From https://www.openssl.org/source/openssl-1.0.2d.tar.gz.sha256 -sha256 671c36487785628a703374c652ad2cebea45fa920ae5681515df25d9f2c9a8c8 openssl-1.0.2d.tar.gz +# From https://www.openssl.org/source/openssl-1.0.2e.tar.gz.sha256 +sha256 e23ccafdb75cfcde782da0151731aa2185195ac745eea3846133f2e05c0e0bff openssl-1.0.2e.tar.gz diff --git a/package/openssl/openssl.mk b/package/openssl/openssl.mk index da492ffd09..1f07df19cf 100644 --- a/package/openssl/openssl.mk +++ b/package/openssl/openssl.mk @@ -4,7 +4,7 @@ # ################################################################################ -OPENSSL_VERSION = 1.0.2d +OPENSSL_VERSION = 1.0.2e OPENSSL_SITE = http://www.openssl.org/source OPENSSL_LICENSE = OpenSSL or SSLeay OPENSSL_LICENSE_FILES = LICENSE @@ -77,7 +77,6 @@ define OPENSSL_CONFIGURE_CMDS --libdir=/lib \ $(if $(BR2_TOOLCHAIN_HAS_THREADS),threads,no-threads) \ $(if $(BR2_STATIC_LIBS),no-shared,shared) \ - no-idea \ no-rc5 \ enable-camellia \ enable-mdc2 \