openssl: bump to 1.0.2t, add maintainer

This version fixes 3 low-severity vulnerabilities:

- CVE-2019-1547: ECDSA remote timing attack
- CVE-2019-1549: Fork Protection
- CVE-2019-1563: Padding Oracle in PKCS7_dataDecode and
                 CMS_decrypt_set1_pkey

Patches were refreshed, and Eneas U de Queiroz added as maintainer.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>

diff --git a/package/libs/openssl/Makefile b/package/libs/openssl/Makefile
index 99f1b861b452a4d915bf34eaad58cd55a99cf5d4..50939568c8a3087d2d92b6810a65e36bccde50ca 100644 (file)
--- a/package/libs/openssl/Makefile
+++ b/package/libs/openssl/Makefile
@@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=openssl
 PKG_BASE:=1.0.2
-PKG_BUGFIX:=s
+PKG_BUGFIX:=t
 PKG_VERSION:=$(PKG_BASE)$(PKG_BUGFIX)
 PKG_RELEASE:=1
 PKG_USE_MIPS16:=0
@@ -24,10 +24,11 @@ PKG_SOURCE_URL:= \
        http://gd.tuwien.ac.at/infosys/security/openssl/source/ \
        http://www.openssl.org/source/ \
        http://www.openssl.org/source/old/$(PKG_BASE)/
-PKG_HASH:=cabd5c9492825ce5bd23f3c3aeed6a97f8142f606d893df216411f07d1abab96
+PKG_HASH:=14cb464efe7ac6b54799b34456bd69558a749a4931ecfd9cf9f71d7881cac7bc
 
 PKG_LICENSE:=OpenSSL
 PKG_LICENSE_FILES:=LICENSE
+PKG_MAINTAINER:=Eneas U de Queiroz <cotequeiroz@gmail.com>
 PKG_CPE_ID:=cpe:/a:openssl:openssl
 PKG_CONFIG_DEPENDS:= \
        CONFIG_OPENSSL_ENGINE_CRYPTO \

diff --git a/package/libs/openssl/patches/150-no_engines.patch b/package/libs/openssl/patches/150-no_engines.patch
index a518a00496605edef7795f40feeb6aa7c4f41dfc..314075a9109b1aff92629257952593b3babac6a6 100644 (file)
--- a/package/libs/openssl/patches/150-no_engines.patch
+++ b/package/libs/openssl/patches/150-no_engines.patch
@@ -1,6 +1,6 @@
 --- a/Configure
 +++ b/Configure
-@@ -2144,6 +2144,11 @@ EOF
+@@ -2145,6 +2145,11 @@ EOF
        close(OUT);
    }