From f23df084cba26627366482d5a9ca8abd1bf05193 Mon Sep 17 00:00:00 2001 From: Hauke Mehrtens Date: Thu, 3 Dec 2015 21:08:28 +0000 Subject: [PATCH] CC: openssl: update to version 1.0.2e backport of r47726. This fixes the following security problems: * CVE-2015-3193 * CVE-2015-3194 * CVE-2015-3195) Signed-off-by: Hauke Mehrtens SVN-Revision: 47727 --- package/libs/openssl/Makefile | 4 ++-- .../openssl/patches/110-optimize-for-size.patch | 2 +- package/libs/openssl/patches/150-no_engines.patch | 2 +- .../openssl/patches/160-disable_doc_tests.patch | 6 +++--- .../patches/190-remove_timestamp_check.patch | 2 +- .../libs/openssl/patches/200-parallel_build.patch | 14 +++++++------- 6 files changed, 15 insertions(+), 15 deletions(-) diff --git a/package/libs/openssl/Makefile b/package/libs/openssl/Makefile index 7f0da8b887..6909f97e0d 100644 --- a/package/libs/openssl/Makefile +++ b/package/libs/openssl/Makefile @@ -8,7 +8,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=openssl -PKG_VERSION:=1.0.2d +PKG_VERSION:=1.0.2e PKG_RELEASE:=1 PKG_USE_MIPS16:=0 @@ -18,7 +18,7 @@ PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=http://www.openssl.org/source/ \ ftp://ftp.funet.fi/pub/crypt/mirrors/ftp.openssl.org/source \ ftp://ftp.sunet.se/pub/security/tools/net/openssl/source/ -PKG_MD5SUM:=38dd619b2e77cbac69b99f52a053d25a +PKG_MD5SUM:=5262bfa25b60ed9de9f28d5d52d77fc5 PKG_LICENSE:=OpenSSL PKG_LICENSE_FILES:=LICENSE diff --git a/package/libs/openssl/patches/110-optimize-for-size.patch b/package/libs/openssl/patches/110-optimize-for-size.patch index 0a0e59a3bf..5070284e3d 100644 --- a/package/libs/openssl/patches/110-optimize-for-size.patch +++ b/package/libs/openssl/patches/110-optimize-for-size.patch @@ -1,6 +1,6 @@ --- a/Configure +++ b/Configure -@@ -460,6 +460,12 @@ my %table=( +@@ -461,6 +461,12 @@ my %table=( "linux-alpha-ccc","ccc:-fast -readonly_strings -DL_ENDIAN::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}", "linux-alpha+bwx-ccc","ccc:-fast -readonly_strings -DL_ENDIAN::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}", diff --git a/package/libs/openssl/patches/150-no_engines.patch b/package/libs/openssl/patches/150-no_engines.patch index e0c80e4c88..8cccddb87e 100644 --- a/package/libs/openssl/patches/150-no_engines.patch +++ b/package/libs/openssl/patches/150-no_engines.patch @@ -1,6 +1,6 @@ --- a/Configure +++ b/Configure -@@ -2103,6 +2103,11 @@ EOF +@@ -2106,6 +2106,11 @@ EOF close(OUT); } diff --git a/package/libs/openssl/patches/160-disable_doc_tests.patch b/package/libs/openssl/patches/160-disable_doc_tests.patch index f7c09b6174..274e5d0bbb 100644 --- a/package/libs/openssl/patches/160-disable_doc_tests.patch +++ b/package/libs/openssl/patches/160-disable_doc_tests.patch @@ -27,7 +27,7 @@ WDIRS= windows LIBS= libcrypto.a libssl.a SHARED_CRYPTO=libcrypto$(SHLIB_EXT) -@@ -272,7 +272,7 @@ reflect: +@@ -274,7 +274,7 @@ reflect: sub_all: build_all @@ -36,7 +36,7 @@ build_libs: build_libcrypto build_libssl openssl.pc -@@ -529,7 +529,7 @@ dist: +@@ -534,7 +534,7 @@ dist: dist_pem_h: (cd crypto/pem; $(MAKE) -e $(BUILDENV) pem.h; $(MAKE) clean) @@ -47,7 +47,7 @@ @$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \ --- a/Makefile.org +++ b/Makefile.org -@@ -527,7 +527,7 @@ dist: +@@ -532,7 +532,7 @@ dist: dist_pem_h: (cd crypto/pem; $(MAKE) -e $(BUILDENV) pem.h; $(MAKE) clean) diff --git a/package/libs/openssl/patches/190-remove_timestamp_check.patch b/package/libs/openssl/patches/190-remove_timestamp_check.patch index acf97bc33b..c468bf5983 100644 --- a/package/libs/openssl/patches/190-remove_timestamp_check.patch +++ b/package/libs/openssl/patches/190-remove_timestamp_check.patch @@ -9,7 +9,7 @@ # as we stick to -e, CLEARENV ensures that local variables in lower # Makefiles remain local and variable. $${VAR+VAR} is tribute to Korn -@@ -399,11 +399,6 @@ openssl.pc: Makefile +@@ -401,11 +401,6 @@ openssl.pc: Makefile echo 'Version: '$(VERSION); \ echo 'Requires: libssl libcrypto' ) > openssl.pc diff --git a/package/libs/openssl/patches/200-parallel_build.patch b/package/libs/openssl/patches/200-parallel_build.patch index c3fc3f3b4c..edb201a458 100644 --- a/package/libs/openssl/patches/200-parallel_build.patch +++ b/package/libs/openssl/patches/200-parallel_build.patch @@ -1,6 +1,6 @@ --- a/Makefile.org +++ b/Makefile.org -@@ -278,17 +278,17 @@ build_libcrypto: build_crypto build_engi +@@ -280,17 +280,17 @@ build_libcrypto: build_crypto build_engi build_libssl: build_ssl libssl.pc build_crypto: @@ -24,7 +24,7 @@ all_testapps: build_libs build_testapps build_testapps: -@@ -460,7 +460,7 @@ update: errors stacks util/libeay.num ut +@@ -462,7 +462,7 @@ update: errors stacks util/libeay.num ut @set -e; target=update; $(RECURSIVE_BUILD_CMD) depend: @@ -33,7 +33,7 @@ lint: @set -e; target=lint; $(RECURSIVE_BUILD_CMD) -@@ -522,9 +522,9 @@ dist: +@@ -527,9 +527,9 @@ dist: dist_pem_h: (cd crypto/pem; $(MAKE) -e $(BUILDENV) pem.h; $(MAKE) clean) @@ -45,7 +45,7 @@ @$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \ $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR) \ $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines \ -@@ -533,12 +533,19 @@ install_sw: +@@ -538,12 +538,19 @@ install_sw: $(INSTALL_PREFIX)$(OPENSSLDIR)/misc \ $(INSTALL_PREFIX)$(OPENSSLDIR)/certs \ $(INSTALL_PREFIX)$(OPENSSLDIR)/private @@ -66,7 +66,7 @@ @set -e; liblist="$(LIBS)"; for i in $$liblist ;\ do \ if [ -f "$$i" ]; then \ -@@ -622,12 +629,7 @@ install_html_docs: +@@ -627,12 +634,7 @@ install_html_docs: done; \ done @@ -164,7 +164,7 @@ ctags $(SRC) --- a/test/Makefile +++ b/test/Makefile -@@ -134,7 +134,7 @@ install: +@@ -138,7 +138,7 @@ install: tags: ctags $(SRC) @@ -173,7 +173,7 @@ apps: @(cd ..; $(MAKE) DIRS=apps all) -@@ -538,7 +538,7 @@ $(VERIFYEXTRATEST)$(EXE_EXT): $(VERIFYEX +@@ -549,7 +549,7 @@ $(CLIENTHELLOTEST)$(EXE_EXT): $(CLIENTHE # fi dummytest$(EXE_EXT): dummytest.o $(DLIBCRYPTO) -- 2.30.2