openssl: bump to 1.1.1v
authorHauke Mehrtens <hauke@hauke-m.de>
Fri, 11 Aug 2023 20:45:40 +0000 (22:45 +0200)
committerHauke Mehrtens <hauke@hauke-m.de>
Sat, 12 Aug 2023 09:46:51 +0000 (11:46 +0200)
Major changes between OpenSSL 1.1.1u and OpenSSL 1.1.1v [1 Aug 2023]

    o Fix excessive time spent checking DH q parameter value (CVE-2023-3817)
    o Fix DH_check() excessive time with over sized modulus (CVE-2023-3446)

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
package/libs/openssl/Makefile

index fa359b7e1a0358bdba0ba3f825913c37eaccc6cf..c6d241ed1c984e8a3c92f34d2a3d93f2da7004e9 100644 (file)
@@ -9,9 +9,9 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=openssl
 PKG_BASE:=1.1.1
-PKG_BUGFIX:=u
+PKG_BUGFIX:=v
 PKG_VERSION:=$(PKG_BASE)$(PKG_BUGFIX)
-PKG_RELEASE:=2
+PKG_RELEASE:=1
 PKG_USE_MIPS16:=0
 
 PKG_BUILD_PARALLEL:=1
@@ -25,7 +25,7 @@ PKG_SOURCE_URL:= \
        ftp://ftp.pca.dfn.de/pub/tools/net/openssl/source/ \
        ftp://ftp.pca.dfn.de/pub/tools/net/openssl/source/old/$(PKG_BASE)/
 
-PKG_HASH:=e2f8d84b523eecd06c7be7626830370300fbcc15386bf5142d72758f6963ebc6
+PKG_HASH:=d6697e2871e77238460402e9362d47d18382b15ef9f246aba6c7bd780d38a6b0
 
 PKG_LICENSE:=OpenSSL
 PKG_LICENSE_FILES:=LICENSE