openssl: bump to 1.1.1k
authorEneas U de Queiroz <cotequeiroz@gmail.com>
Fri, 26 Mar 2021 17:46:29 +0000 (14:46 -0300)
committerPetr Štetiar <ynezz@true.cz>
Fri, 26 Mar 2021 18:57:20 +0000 (19:57 +0100)
commit0bd0de7d43b3846ad0d7006294e1daaadfa7b532
treebd93e2a3640b47a260a26c5b80e15a2c20ff8b29
parent1276db918b086d5b1db7e6c81d19402b7c3a91ac
openssl: bump to 1.1.1k

This version fixes 2 security vulnerabilities, among other changes:

 - CVE-2021-3450: problem with verifying a certificate chain when using
   the X509_V_FLAG_X509_STRICT flag.

 - CVE-2021-3449: OpenSSL TLS server may crash if sent a maliciously
   crafted renegotiation ClientHello message from a client.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
package/libs/openssl/Makefile
package/libs/openssl/patches/430-e_devcrypto-make-the-dev-crypto-engine-dynamic.patch