From f24a029c3e6db2ca4c1f017722a9d8394b996e96 Mon Sep 17 00:00:00 2001 From: Hauke Mehrtens Date: Fri, 11 Aug 2023 22:45:40 +0200 Subject: [PATCH] openssl: bump to 1.1.1v Major changes between OpenSSL 1.1.1u and OpenSSL 1.1.1v [1 Aug 2023] o Fix excessive time spent checking DH q parameter value (CVE-2023-3817) o Fix DH_check() excessive time with over sized modulus (CVE-2023-3446) Signed-off-by: Hauke Mehrtens (cherry picked from commit de29f15af173e9434d11a00ffcf437bd6bc97727) --- package/libs/openssl/Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/package/libs/openssl/Makefile b/package/libs/openssl/Makefile index 3535859bf4..2b7cd81035 100644 --- a/package/libs/openssl/Makefile +++ b/package/libs/openssl/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=openssl PKG_BASE:=1.1.1 -PKG_BUGFIX:=u +PKG_BUGFIX:=v PKG_VERSION:=$(PKG_BASE)$(PKG_BUGFIX) PKG_RELEASE:=1 PKG_USE_MIPS16:=0 @@ -26,7 +26,7 @@ PKG_SOURCE_URL:= \ ftp://ftp.pca.dfn.de/pub/tools/net/openssl/source/ \ ftp://ftp.pca.dfn.de/pub/tools/net/openssl/source/old/$(PKG_BASE)/ -PKG_HASH:=e2f8d84b523eecd06c7be7626830370300fbcc15386bf5142d72758f6963ebc6 +PKG_HASH:=d6697e2871e77238460402e9362d47d18382b15ef9f246aba6c7bd780d38a6b0 PKG_LICENSE:=OpenSSL PKG_LICENSE_FILES:=LICENSE -- 2.30.2