main/openssl: security upgrade to 1.0.1h (multiple CVE)

Newly fixed CVEs:
CVE-2014-0224 SSL/TLS MITM vulnerability
CVE-2014-0221 DTLS recursion flaw
CVE-2014-0195 DTLS invalid fragment vulnerability

Previously fixed in Alpine by cherry picks:
CVE-2014-0198 SSL_MODE_RELEASE_BUFFERS NULL pointer dereference

1 files changed, 0 insertions, 37 deletions

diff --git a/main/openssl/CVE-2014-0198.patch b/main/openssl/CVE-2014-0198.patch
deleted file mode 100644
index c473719551..0000000000
--- a/main/openssl/CVE-2014-0198.patch
+++ /dev/null
@@ -1,37 +0,0 @@
-From b107586c0c3447ea22dba8698ebbcd81bb29d48c Mon Sep 17 00:00:00 2001
-From: Matt Caswell <matt@openssl.org>
-Date: Mon, 12 May 2014 00:38:37 +0100
-Subject: [PATCH] Fixed NULL pointer dereference. See PR#3321
-
----
- ssl/s3_pkt.c |    7 ++++---
- 1 file changed, 4 insertions(+), 3 deletions(-)
-
-diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c
-index 40eb0dd..d961d12 100644
---- a/ssl/s3_pkt.c
-+++ b/ssl/s3_pkt.c
-@@ -657,9 +657,6 @@ static int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
- 	SSL3_BUFFER *wb=&(s->s3->wbuf);
- 	SSL_SESSION *sess;
- 
-- 	if (wb->buf == NULL)
--		if (!ssl3_setup_write_buffer(s))
--			return -1;
- 
- 	/* first check if there is a SSL3_BUFFER still being written
- 	 * out.  This will happen with non blocking IO */
-@@ -675,6 +672,10 @@ static int do_ssl3_write(SSL *s, int type, const unsigned char *buf,
- 		/* if it went, fall through and send more stuff */
- 		}
- 
-+ 	if (wb->buf == NULL)
-+		if (!ssl3_setup_write_buffer(s))
-+			return -1;
-+
- 	if (len == 0 && !create_empty_fragment)
- 		return 0;
- 
--- 
-1.7.9.5
-