openssl: update to version 1.0.2k

This fixes the following security problems:
CVE-2017-3731: Truncated packet could crash via OOB read
CVE-2017-3732: BN_mod_exp may produce incorrect results on x86_64
CVE-2016-7055: Montgomery multiplication may produce incorrect results

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
openwrt-18.06
Hauke Mehrtens 2017-01-27 23:36:45 +01:00
parent 4d1515070b
commit 12db207e9b
6 changed files with 13 additions and 13 deletions

View File

@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=openssl
PKG_BASE:=1.0.2
PKG_BUGFIX:=j
PKG_BUGFIX:=k
PKG_VERSION:=$(PKG_BASE)$(PKG_BUGFIX)
PKG_RELEASE:=1
PKG_USE_MIPS16:=0
@ -23,7 +23,7 @@ PKG_SOURCE_URL:=http://www.openssl.org/source/ \
http://www.openssl.org/source/old/$(PKG_BASE)/ \
ftp://ftp.funet.fi/pub/crypt/mirrors/ftp.openssl.org/source \
ftp://ftp.sunet.se/pub/security/tools/net/openssl/source/
PKG_HASH:=e7aff292be21c259c6af26469c7a9b3ba26e9abaaffd325e3dccc9785256c431
PKG_HASH:=6b3977c61f2aedf0f96367dcfb5c6e578cf37e7b8d913b4ecb6643c3cb88d8c0
PKG_LICENSE:=OpenSSL
PKG_LICENSE_FILES:=LICENSE

View File

@ -1,6 +1,6 @@
--- a/Configure
+++ b/Configure
@@ -468,6 +468,12 @@ my %table=(
@@ -470,6 +470,12 @@ my %table=(
"linux-alpha-ccc","ccc:-fast -readonly_strings -DL_ENDIAN::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}",
"linux-alpha+bwx-ccc","ccc:-fast -readonly_strings -DL_ENDIAN::-D_REENTRANT:::SIXTY_FOUR_BIT_LONG RC4_CHAR RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL:${alpha_asm}",

View File

@ -1,6 +1,6 @@
--- a/Configure
+++ b/Configure
@@ -2114,6 +2114,11 @@ EOF
@@ -2128,6 +2128,11 @@ EOF
close(OUT);
}

View File

@ -27,7 +27,7 @@
WDIRS= windows
LIBS= libcrypto.a libssl.a
SHARED_CRYPTO=libcrypto$(SHLIB_EXT)
@@ -275,7 +275,7 @@ reflect:
@@ -276,7 +276,7 @@ reflect:
sub_all: build_all
@ -36,7 +36,7 @@
build_libs: build_libcrypto build_libssl openssl.pc
@@ -533,7 +533,7 @@ dist:
@@ -534,7 +534,7 @@ dist:
@$(MAKE) SDIRS='$(SDIRS)' clean
@$(MAKE) TAR='$(TAR)' TARFLAGS='$(TARFLAGS)' $(DISTTARVARS) tar
@ -47,7 +47,7 @@
@$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \
--- a/Makefile.org
+++ b/Makefile.org
@@ -531,7 +531,7 @@ dist:
@@ -532,7 +532,7 @@ dist:
@$(MAKE) SDIRS='$(SDIRS)' clean
@$(MAKE) TAR='$(TAR)' TARFLAGS='$(TARFLAGS)' $(DISTTARVARS) tar

View File

@ -9,7 +9,7 @@
# as we stick to -e, CLEARENV ensures that local variables in lower
# Makefiles remain local and variable. $${VAR+VAR} is tribute to Korn
@@ -403,11 +403,6 @@ openssl.pc: Makefile
@@ -404,11 +404,6 @@ openssl.pc: Makefile
echo 'Version: '$(VERSION); \
echo 'Requires: libssl libcrypto' ) > openssl.pc

View File

@ -1,6 +1,6 @@
--- a/Makefile.org
+++ b/Makefile.org
@@ -281,17 +281,17 @@ build_libcrypto: build_crypto build_engi
@@ -282,17 +282,17 @@ build_libcrypto: build_crypto build_engi
build_libssl: build_ssl libssl.pc
build_crypto:
@ -24,7 +24,7 @@
all_testapps: build_libs build_testapps
build_testapps:
@@ -464,7 +464,7 @@ update: errors stacks util/libeay.num ut
@@ -465,7 +465,7 @@ update: errors stacks util/libeay.num ut
@set -e; target=update; $(RECURSIVE_BUILD_CMD)
depend:
@ -33,7 +33,7 @@
lint:
@set -e; target=lint; $(RECURSIVE_BUILD_CMD)
@@ -526,9 +526,9 @@ dist:
@@ -527,9 +527,9 @@ dist:
@$(MAKE) SDIRS='$(SDIRS)' clean
@$(MAKE) TAR='$(TAR)' TARFLAGS='$(TARFLAGS)' $(DISTTARVARS) tar
@ -45,7 +45,7 @@
@$(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/bin \
$(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR) \
$(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines \
@@ -537,12 +537,19 @@ install_sw:
@@ -538,12 +538,19 @@ install_sw:
$(INSTALL_PREFIX)$(OPENSSLDIR)/misc \
$(INSTALL_PREFIX)$(OPENSSLDIR)/certs \
$(INSTALL_PREFIX)$(OPENSSLDIR)/private
@ -66,7 +66,7 @@
@set -e; liblist="$(LIBS)"; for i in $$liblist ;\
do \
if [ -f "$$i" ]; then \
@@ -626,12 +633,7 @@ install_html_docs:
@@ -627,12 +634,7 @@ install_html_docs:
done; \
done