From: Sven Roederer Date: Mon, 28 Jan 2019 19:11:50 +0000 (+0100) Subject: openssl: bump to 1.0.2q X-Git-Tag: v17.01.7~22 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=6c14b29bf1c28ca2cb171b1a46d1c880c0794f1d;p=oweals%2Fopenwrt.git openssl: bump to 1.0.2q This fixes the following security problems: * CVE-2018-5407: Microarchitecture timing vulnerability in ECC scalar multiplication * CVE-2018-0734: Timing vulnerability in DSA signature generation * Resolve a compatibility issue in EC_GROUP handling with the FIPS Object Module Signed-off-by: Sven Roederer (backport of commit 989060478ae270885727d91c25b9b52b0f33743c) --- diff --git a/package/libs/openssl/Makefile b/package/libs/openssl/Makefile index d8680cef5a..7167a64f3d 100644 --- a/package/libs/openssl/Makefile +++ b/package/libs/openssl/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=openssl PKG_BASE:=1.0.2 -PKG_BUGFIX:=p +PKG_BUGFIX:=q PKG_VERSION:=$(PKG_BASE)$(PKG_BUGFIX) PKG_RELEASE:=1 PKG_USE_MIPS16:=0 @@ -23,7 +23,7 @@ PKG_SOURCE_URL:=http://www.openssl.org/source/ \ http://www.openssl.org/source/old/$(PKG_BASE)/ \ ftp://ftp.funet.fi/pub/crypt/mirrors/ftp.openssl.org/source \ ftp://ftp.sunet.se/pub/security/tools/net/openssl/source/ -PKG_HASH:=50a98e07b1a89eb8f6a99477f262df71c6fa7bef77df4dc83025a2845c827d00 +PKG_HASH:=5744cfcbcec2b1b48629f7354203bc1e5e9b5466998bbccc5b5fcde3b18eb684 PKG_LICENSE:=OpenSSL PKG_LICENSE_FILES:=LICENSE