From b610572a9baf18a913231e5d90348af873986ddc Mon Sep 17 00:00:00 2001
From: Eneas U de Queiroz <cotequeiroz@gmail.com>
Date: Tue, 17 Sep 2019 10:52:11 -0300
Subject: openssl: bump to 1.1.1d

This version fixes 3 low-severity vulnerabilities:

- CVE-2019-1547: ECDSA remote timing attack
- CVE-2019-1549: Fork Protection
- CVE-2019-1563: Padding Oracle in PKCS7_dataDecode and
		 CMS_decrypt_set1_pkey

Patches were refreshed.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit d868d0a5d7e1d76bb1a8980346d222fae55fa18b)
---
 .../500-e_devcrypto-default-to-not-use-digests-in-engine.patch    | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

(limited to 'package/libs/openssl/patches/500-e_devcrypto-default-to-not-use-digests-in-engine.patch')

diff --git a/package/libs/openssl/patches/500-e_devcrypto-default-to-not-use-digests-in-engine.patch b/package/libs/openssl/patches/500-e_devcrypto-default-to-not-use-digests-in-engine.patch
index bca198eb34..89385fa477 100644
--- a/package/libs/openssl/patches/500-e_devcrypto-default-to-not-use-digests-in-engine.patch
+++ b/package/libs/openssl/patches/500-e_devcrypto-default-to-not-use-digests-in-engine.patch
@@ -1,7 +1,7 @@
-From 5d3be6bc8ed7d73ab2c4d389fb0f0a03dacd04b1 Mon Sep 17 00:00:00 2001
+From 52ddedc09ee81fe05ea2fa384fce89afe92d6d72 Mon Sep 17 00:00:00 2001
 From: Eneas U de Queiroz <cote2004-github@yahoo.com>
 Date: Mon, 11 Mar 2019 09:29:13 -0300
-Subject: [PATCH] e_devcrypto: default to not use digests in engine
+Subject: e_devcrypto: default to not use digests in engine
 
 Digests are almost always slower when using /dev/crypto because of the
 cost of the context switches.  Only for large blocks it is worth it.
@@ -19,6 +19,8 @@ turn them on if it is safe and fast enough.
 
 Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
 
+diff --git a/engines/e_devcrypto.c b/engines/e_devcrypto.c
+index fb5c6e1636..7741138b82 100644
 --- a/engines/e_devcrypto.c
 +++ b/engines/e_devcrypto.c
 @@ -854,7 +854,7 @@ static void prepare_digest_methods(void)
@@ -30,7 +32,7 @@ Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
  
          /*
           * Check that the digest is usable
-@@ -1074,7 +1074,7 @@ static const ENGINE_CMD_DEFN devcrypto_c
+@@ -1074,7 +1074,7 @@ static const ENGINE_CMD_DEFN devcrypto_cmds[] = {
  #ifdef IMPLEMENT_DIGEST
     {DEVCRYPTO_CMD_DIGESTS,
      "DIGESTS",
-- 
cgit v1.2.3