openssl: update to version 1.0.2p

This fixes the following security problems: * CVE-2018-0732: Client DoS due to large DH parameter * CVE-2018-0737: Cache timing vulnerability in RSA Key Generation Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-08-15 22:17:11 +02:00 · 2018-08-15 22:17:11 +02:00 · d3b8b5be34
parent f3865bd4ef
commit d3b8b5be34
3 changed files with 4 additions and 4 deletions
--- a/package/libs/openssl/Makefile
+++ b/package/libs/openssl/Makefile
@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk

 PKG_NAME:=openssl
 PKG_BASE:=1.0.2
-PKG_BUGFIX:=o
+PKG_BUGFIX:=p
 PKG_VERSION:=$(PKG_BASE)$(PKG_BUGFIX)
 PKG_RELEASE:=1
 PKG_USE_MIPS16:=0
@ -23,7 +23,7 @@ PKG_SOURCE_URL:=http://www.openssl.org/source/ \
 	http://www.openssl.org/source/old/$(PKG_BASE)/ \
 	ftp://ftp.funet.fi/pub/crypt/mirrors/ftp.openssl.org/source \
 	ftp://ftp.sunet.se/pub/security/tools/net/openssl/source/
-PKG_HASH:=ec3f5c9714ba0fd45cb4e087301eb1336c317e0d20b575a125050470e8089e4d
+PKG_HASH:=50a98e07b1a89eb8f6a99477f262df71c6fa7bef77df4dc83025a2845c827d00

 PKG_LICENSE:=OpenSSL
 PKG_LICENSE_FILES:=LICENSE
--- a/package/libs/openssl/patches/150-no_engines.patch
+++ b/package/libs/openssl/patches/150-no_engines.patch
@ -1,6 +1,6 @@
 --- a/Configure
 +++ b/Configure
-@@ -2135,6 +2135,11 @@ EOF
+@@ -2143,6 +2143,11 @@ EOF
 	close(OUT);
   }
   
--- a/package/libs/openssl/patches/200-parallel_build.patch
+++ b/package/libs/openssl/patches/200-parallel_build.patch
@ -173,7 +173,7 @@
 
 apps:
 	@(cd ..; $(MAKE) DIRS=apps all)
-@@ -586,7 +586,7 @@ $(DTLSTEST)$(EXE_EXT): $(DTLSTEST).o ssl
+@@ -593,7 +593,7 @@ $(DTLSTEST)$(EXE_EXT): $(DTLSTEST).o ssl
 #	fi
 
 dummytest$(EXE_EXT): dummytest.o $(DLIBCRYPTO)