openssl: security bump to version 1.0.2a
Fixes: CVE-2015-0291 - ClientHello sigalgs DoS CVE-2015-0290 - Multiblock corrupted pointer CVE-2015-0207 - Segmentation fault in DTLSv1_listen CVE-2015-0286 - Segmentation fault in ASN1_TYPE_cmp CVE-2015-0208 - Segmentation fault for invalid PSS parameters CVE-2015-0287 - ASN.1 structure reuse memory corruption CVE-2015-0289 - PKCS7 NULL pointer dereferences CVE-2015-0293 - DoS via reachable assert in SSLv2 servers CVE-2015-1787 - Empty CKE with client auth and DHE CVE-2015-0285 - Handshake with unseeded PRNG CVE-2015-0209 - Use After Free following d2i_ECPrivatekey error CVE-2015-0288 - X509_to_X509_REQ NULL pointer deref musl patch removed since it's no longer necessary. Signed-off-by:Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by:
Peter Korsgaard <peter@korsgaard.com>
Loading
Please register or sign in to comment