openssl: security bump to version 1.0.2e

Fixes: CVE-2015-3193 - BN_mod_exp may produce incorrect results on x86_64 CVE-2015-3194 - Certificate verify crash with missing PSS parameter CVE-2015-3195 - X509_ATTRIBUTE memory leak Enable IDEA as well since otherwise the build breaks (always great upstream) - it's no longer patent encumbered. [Peter: correct sha256] Signed-off-by: Gustavo Zacarias <gustavo.zacarias@free-electrons.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2015-12-03 14:49:42 -03:00 · 2015-12-03 14:49:42 -03:00 · e9fb14ecef
commit e9fb14ecef
parent 99031f0b82
2 changed files with 3 additions and 4 deletions
--- a/package/openssl/openssl.hash
+++ b/package/openssl/openssl.hash
@ -1,2 +1,2 @@
-# From https://www.openssl.org/source/openssl-1.0.2d.tar.gz.sha256
+# From https://www.openssl.org/source/openssl-1.0.2e.tar.gz.sha256
-sha256	671c36487785628a703374c652ad2cebea45fa920ae5681515df25d9f2c9a8c8	openssl-1.0.2d.tar.gz
+sha256	e23ccafdb75cfcde782da0151731aa2185195ac745eea3846133f2e05c0e0bff	openssl-1.0.2e.tar.gz
--- a/package/openssl/openssl.mk
+++ b/package/openssl/openssl.mk
@ -4,7 +4,7 @@
 #
 ################################################################################
-OPENSSL_VERSION = 1.0.2d
+OPENSSL_VERSION = 1.0.2e
 OPENSSL_SITE = http://www.openssl.org/source
 OPENSSL_LICENSE = OpenSSL or SSLeay
 OPENSSL_LICENSE_FILES = LICENSE
@ -77,7 +77,6 @@ define OPENSSL_CONFIGURE_CMDS
 			--libdir=/lib \
 			$(if $(BR2_TOOLCHAIN_HAS_THREADS),threads,no-threads) \
 			$(if $(BR2_STATIC_LIBS),no-shared,shared) \
 			no-idea \
 			no-rc5 \
 			enable-camellia \
 			enable-mdc2 \
`@ -1,2 +1,2 @@`
	`# From https://www.openssl.org/source/openssl-1.0.2d.tar.gz.sha256`	`# From https://www.openssl.org/source/openssl-1.0.2e.tar.gz.sha256`
	`sha256 671c36487785628a703374c652ad2cebea45fa920ae5681515df25d9f2c9a8c8 openssl-1.0.2d.tar.gz`	`sha256 e23ccafdb75cfcde782da0151731aa2185195ac745eea3846133f2e05c0e0bff openssl-1.0.2e.tar.gz`