diff options
author | Eneas U de Queiroz <cotequeiroz@gmail.com> | 2019-09-17 10:52:11 -0300 |
---|---|---|
committer | Petr Štetiar <ynezz@true.cz> | 2019-09-23 07:42:30 +0200 |
commit | b610572a9baf18a913231e5d90348af873986ddc (patch) | |
tree | d145d426dabbceba8bd37fcdafcd25ff2cc6db90 /package/libs/openssl/patches/120-strip-cflags-from-binary.patch | |
parent | 0b9f3c28ef6c37b42abdd02c19c96fe34d81ea33 (diff) | |
download | upstream-b610572a9baf18a913231e5d90348af873986ddc.tar.gz upstream-b610572a9baf18a913231e5d90348af873986ddc.tar.bz2 upstream-b610572a9baf18a913231e5d90348af873986ddc.zip |
openssl: bump to 1.1.1d
This version fixes 3 low-severity vulnerabilities:
- CVE-2019-1547: ECDSA remote timing attack
- CVE-2019-1549: Fork Protection
- CVE-2019-1563: Padding Oracle in PKCS7_dataDecode and
CMS_decrypt_set1_pkey
Patches were refreshed.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit d868d0a5d7e1d76bb1a8980346d222fae55fa18b)
Diffstat (limited to 'package/libs/openssl/patches/120-strip-cflags-from-binary.patch')
-rw-r--r-- | package/libs/openssl/patches/120-strip-cflags-from-binary.patch | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/package/libs/openssl/patches/120-strip-cflags-from-binary.patch b/package/libs/openssl/patches/120-strip-cflags-from-binary.patch index d6e35b7451..75fb9d1684 100644 --- a/package/libs/openssl/patches/120-strip-cflags-from-binary.patch +++ b/package/libs/openssl/patches/120-strip-cflags-from-binary.patch @@ -1,16 +1,18 @@ -From f453f3eccb852740e37e9436dac5670d311c13b0 Mon Sep 17 00:00:00 2001 +From 4ad8f2fe6bf3b91df7904fcbe960e5fdfca36336 Mon Sep 17 00:00:00 2001 From: Eneas U de Queiroz <cote2004-github@yahoo.com> Date: Thu, 27 Sep 2018 08:31:38 -0300 -Subject: void exposing build directories +Subject: Avoid exposing build directories The CFLAGS contain the build directories, and are shown by calling OpenSSL_version(OPENSSL_CFLAGS), or running openssl version -a Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com> +diff --git a/crypto/build.info b/crypto/build.info +index 2c619c62e8..893128345a 100644 --- a/crypto/build.info +++ b/crypto/build.info -@@ -10,7 +10,7 @@ EXTRA= ../ms/uplink-x86.pl ../ms/uplink +@@ -10,7 +10,7 @@ EXTRA= ../ms/uplink-x86.pl ../ms/uplink.c ../ms/applink.c \ ppccpuid.pl pariscid.pl alphacpuid.pl arm64cpuid.pl armv4cpuid.pl DEPEND[cversion.o]=buildinf.h |