From 17f2bfaebd67d28ef10837f985a617094b6b7dd8 Mon Sep 17 00:00:00 2001
From: Francois Perrad <fperrad@gmail.com>
Date: Fri, 26 Nov 2021 18:26:49 +0100
Subject: [PATCH] package/libressl: security bump to version 3.4.2

Fixes the following security issues:

 * In some situations the X.509 verifier would discard an error on an
    unverified certificate chain, resulting in an authentication bypass.
    Thanks to Ilya Shipitsin and Timo Steinlein for reporting.

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
---
 package/libressl/libressl.hash | 2 +-
 package/libressl/libressl.mk   | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/package/libressl/libressl.hash b/package/libressl/libressl.hash
index dbe3531828..990ec8bda8 100644
--- a/package/libressl/libressl.hash
+++ b/package/libressl/libressl.hash
@@ -1,4 +1,4 @@
 # From https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/SHA256
-sha256  107ceae6ca800e81cb563584c16afa36d6c7138fade94a2b3e9da65456f7c61c  libressl-3.4.1.tar.gz
+sha256  cb82ca7d547336917352fbd23db2fc483c6c44d35157b32780214ec74197b3ce  libressl-3.4.2.tar.gz
 # Locally computed
 sha256  5c63613f008f16a9c0025c096bbd736cecf720494d121b5c5203e0ec6e5955b1  COPYING
diff --git a/package/libressl/libressl.mk b/package/libressl/libressl.mk
index 0ddc832dbc..6eee86dda9 100644
--- a/package/libressl/libressl.mk
+++ b/package/libressl/libressl.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-LIBRESSL_VERSION = 3.4.1
+LIBRESSL_VERSION = 3.4.2
 LIBRESSL_SITE = https://ftp.openbsd.org/pub/OpenBSD/LibreSSL
 LIBRESSL_LICENSE = ISC (new additions), OpenSSL or SSLeay (original OpenSSL code)
 LIBRESSL_LICENSE_FILES = COPYING