[OpenWrt-Devel,v2,18.06] openssl: update to 1.0.2s

Message ID	mailman.43881.1559325020.2376.openwrt-devel@lists.openwrt.org
State	Accepted
Headers	show Return-Path: <openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org> To: openwrt-devel@lists.openwrt.org MIME-Version: 1.0 Message-ID: <mailman.43881.1559325020.2376.openwrt-devel@lists.openwrt.org> From: Eneas U de Queiroz via openwrt-devel <openwrt-devel@lists.openwrt.org> Precedence: list Cc: Eneas U de Queiroz <cote2004-github@yahoo.com> Reply-To: Eneas U de Queiroz <cote2004-github@yahoo.com> Subject: [OpenWrt-Devel] [PATCH v2] [18.06] openssl: update to 1.0.2s Content-Type: multipart/mixed; boundary="===============5033515768861471771==" Sender: "openwrt-devel" <openwrt-devel-bounces@lists.openwrt.org> Date: Fri, 31 May 2019 17:50:21 +0000 Errors-To: openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org
Series	[OpenWrt-Devel,v2,18.06] openssl: update to 1.0.2s \| expand [OpenWrt-Devel,v2,18.06] openssl: update to 1.0.2s

Message ID

mailman.43881.1559325020.2376.openwrt-devel@lists.openwrt.org

State

Accepted

Headers

To: openwrt-devel@lists.openwrt.org
MIME-Version: 1.0
Message-ID: <mailman.43881.1559325020.2376.openwrt-devel@lists.openwrt.org>
From: Eneas U de Queiroz via openwrt-devel <openwrt-devel@lists.openwrt.org>
Precedence: list
Cc: Eneas U de Queiroz <cote2004-github@yahoo.com>
Reply-To: Eneas U de Queiroz <cote2004-github@yahoo.com>
Subject: [OpenWrt-Devel] [PATCH v2] [18.06] openssl: update to 1.0.2s
Content-Type: multipart/mixed;
	boundary="===============5033515768861471771=="
Sender: "openwrt-devel" <openwrt-devel-bounces@lists.openwrt.org>
Date: Fri, 31 May 2019 17:50:21 +0000
Errors-To: openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org

Series

[OpenWrt-Devel,v2,18.06] openssl: update to 1.0.2s | expand

Commit Message

Thomas Richard via openwrt-devel May 31, 2019, 5:50 p.m. UTC

The sender domain has a DMARC Reject/Quarantine policy which disallows
sending mailing list messages using the original "From" header.

To mitigate this problem, the original message has been wrapped
automatically by the mailing list software.
Highlights of this version:
- Change default RSA, DSA and DH size to 2048 bit
- Reject invalid EC point coordinates
  This avoids CVE-2019-9498 and CVE-2019-9499 in hostapd

Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
---

Notes:
    Run-tested on mvebu/arm/WRT3200ACM & brcm47xx/mipsel/WRT610N,
    using openssl-util
    
    Change Log:
    
    v2: corrected typo in commit message

diff --git a/package/libs/openssl/Makefile b/package/libs/openssl/Makefile
index 2902ce15c7..99f1b861b4 100644
--- a/package/libs/openssl/Makefile
+++ b/package/libs/openssl/Makefile
@@ -9,7 +9,7 @@  include $(TOPDIR)/rules.mk
 
 PKG_NAME:=openssl
 PKG_BASE:=1.0.2
-PKG_BUGFIX:=r
+PKG_BUGFIX:=s
 PKG_VERSION:=$(PKG_BASE)$(PKG_BUGFIX)
 PKG_RELEASE:=1
 PKG_USE_MIPS16:=0
@@ -24,7 +24,7 @@  PKG_SOURCE_URL:= \
 	http://gd.tuwien.ac.at/infosys/security/openssl/source/ \
 	http://www.openssl.org/source/ \
 	http://www.openssl.org/source/old/$(PKG_BASE)/
-PKG_HASH:=ae51d08bba8a83958e894946f15303ff894d75c2b8bbd44a852b64e3fe11d0d6
+PKG_HASH:=cabd5c9492825ce5bd23f3c3aeed6a97f8142f606d893df216411f07d1abab96
 
 PKG_LICENSE:=OpenSSL
 PKG_LICENSE_FILES:=LICENSE

[OpenWrt-Devel,v2,18.06] openssl: update to 1.0.2s

Commit Message

Patch