Commit 53c8d64c authored by Gustavo Zacarias's avatar Gustavo Zacarias Committed by Thomas Petazzoni
Browse files

openssl: security bump to version 1.0.2b 



CVE-2015-1790 - PKCS7 crash with missing EnvelopedContent
CVE-2015-1789 - Exploitable out-of-bounds read in X509_cmp_time
CVE-2015-1788 - Malformed ECParameters causes infinite loop
CVE-2015-1792 - CMS verify infinite loop with unknown hash function
CVE-2015-1791 - Race condition handling NewSessionTicket

Signed-off-by: default avatarGustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: default avatarThomas Petazzoni <thomas.petazzoni@free-electrons.com>
parent 316a0a43

package/openssl/005-Make-c_rehash-match-commands-starting-with-minus-inste.patch

deleted100644 → 0
+0 −27
Original line number Diff line number Diff line 
From 079cae9d7628f16b9efdf5723d2bfae5bdc2ba4e Mon Sep 17 00:00:00 2001

From: Gustavo Zacarias <gustavo@zacarias.com.ar>

Date: Tue, 27 Jan 2015 18:27:32 -0300

Subject: [PATCH] Make c_rehash match commands starting with - (minus) instead

 of minus in any starting position, otherwise a directory named a-b breaks it



Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>

---

 tools/c_rehash.in | 2 +-

 1 file changed, 1 insertion(+), 1 deletion(-)



diff --git a/tools/c_rehash.in b/tools/c_rehash.in

index 887e927..1df2fab 100644

--- a/tools/c_rehash.in

+++ b/tools/c_rehash.in

@@ -15,7 +15,7 @@ my $symlink_exists=eval {symlink("",""); 1};

 my $removelinks = 1;

 

 ##  Parse flags.

-while ( $ARGV[0] =~ '-.*' ) {

+while ( $ARGV[0] =~ '^-.*' ) {

     my $flag = shift @ARGV;

     last if ( $flag eq '--');

     if ( $flag =~ /-old/) {

-- 

2.0.5

package/openssl/openssl.hash

+4 −4
Original line number Diff line number Diff line 
# From https://www.openssl.org/source/openssl-1.0.2a.tar.gz.md5

# From https://www.openssl.org/source/openssl-1.0.2a.tar.gz.sha1

md5	a06c547dac9044161a477211049f60ef	openssl-1.0.2a.tar.gz

sha1	46ecd325b8e587fa491f6bb02ad4a9fb9f382f5f	openssl-1.0.2a.tar.gz
 
# From https://www.openssl.org/source/openssl-1.0.2b.tar.gz.md5

# From https://www.openssl.org/source/openssl-1.0.2b.tar.gz.sha1

md5	7729b259e2dea7d60b32fc3934d6984b	openssl-1.0.2b.tar.gz

sha1	9006e53ca56a14d041e3875320eedfa63d82aba7	openssl-1.0.2b.tar.gz

package/openssl/openssl.mk

+1 −1
Original line number Diff line number Diff line
@@ -4,7 +4,7 @@ 
#

################################################################################



OPENSSL_VERSION = 1.0.2a

OPENSSL_VERSION = 1.0.2b

OPENSSL_SITE = http://www.openssl.org/source

OPENSSL_LICENSE = OpenSSL or SSLeay

OPENSSL_LICENSE_FILES = LICENSE