From 2de25704771bfe34fb87a01dad3987c5c93404eb Mon Sep 17 00:00:00 2001 From: Gustavo Zacarias Date: Tue, 3 May 2016 11:39:33 -0300 Subject: [PATCH] openssl: security bump to version 1.0.2h Fixes: CVE-2016-2105 - Fix EVP_EncodeUpdate overflow CVE-2016-2106 - Fix EVP_EncryptUpdate overflow CVE-2016-2107 - Prevent padding oracle in AES-NI CBC MAC check CVE-2016-2109 - Prevent ASN.1 BIO excessive memory allocation CVE-2016-2176 - EBCDIC overread Signed-off-by: Gustavo Zacarias Signed-off-by: Peter Korsgaard --- package/openssl/openssl.hash | 4 ++-- package/openssl/openssl.mk | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/package/openssl/openssl.hash b/package/openssl/openssl.hash index e3ea2aedce..edbce8e276 100644 --- a/package/openssl/openssl.hash +++ b/package/openssl/openssl.hash @@ -1,5 +1,5 @@ -# From https://www.openssl.org/source/openssl-1.0.2g.tar.gz.sha256 -sha256 b784b1b3907ce39abf4098702dade6365522a253ad1552e267a9a0e89594aa33 openssl-1.0.2g.tar.gz +# From https://www.openssl.org/source/openssl-1.0.2h.tar.gz.sha256 +sha256 1d4007e53aad94a5b2002fe045ee7bb0b3d98f1a47f8b2bc851dcd1c74332919 openssl-1.0.2h.tar.gz # Locally computed sha256 eddd8a5123748052c598214487ac178e4bfa4e31ba2ec520c70d59c8c5bfa2e9 openssl-1.0.2a-parallel-install-dirs.patch?id=c8abcbe8de5d3b6cdd68c162f398c011ff6e2d9d sha256 147c3eeaad614c044749ea527cb433eae5e2d5cad34a78c6ba61cd967bfbe01f openssl-1.0.2a-parallel-obj-headers.patch?id=c8abcbe8de5d3b6cdd68c162f398c011ff6e2d9d diff --git a/package/openssl/openssl.mk b/package/openssl/openssl.mk index 2f50dfb1fa..2368aa913c 100644 --- a/package/openssl/openssl.mk +++ b/package/openssl/openssl.mk @@ -4,7 +4,7 @@ # ################################################################################ -OPENSSL_VERSION = 1.0.2g +OPENSSL_VERSION = 1.0.2h OPENSSL_SITE = http://www.openssl.org/source OPENSSL_LICENSE = OpenSSL or SSLeay OPENSSL_LICENSE_FILES = LICENSE -- 2.30.2