From 033f9730873ed7526ced21e72ba16a2937bab220 Mon Sep 17 00:00:00 2001 From: J0WI Date: Wed, 11 Sep 2019 18:25:47 +0200 Subject: main/openssl: security upgrade to 1.0.2t CVE-2019-1547 CVE-2019-1563 --- main/openssl/APKBUILD | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/main/openssl/APKBUILD b/main/openssl/APKBUILD index cfab6962b7..2f884b3ac3 100644 --- a/main/openssl/APKBUILD +++ b/main/openssl/APKBUILD @@ -1,6 +1,6 @@ # Maintainer: Timo Teras pkgname=openssl -pkgver=1.0.2r +pkgver=1.0.2t pkgrel=0 pkgdesc="Toolkit for SSL v2/v3 and TLS v1" url="https://openssl.org" @@ -29,6 +29,9 @@ source="https://www.openssl.org/source/${pkgname}-${pkgver}.tar.gz " # secfixes: +# 1.0.2t-r0: +# - CVE-2019-1547 +# - CVE-2019-1563 # 1.0.2h-r0: # - CVE-2016-2107 # - CVE-2016-2105 @@ -140,7 +143,7 @@ libssl() { done } -sha512sums="6eb2211f3ad56d7573ac26f388338592c37e5faaf5e2d44c0fa9062c12186e56a324f135d1c956a89b55fcce047e6428bec2756658d103e7275e08b46f741235 openssl-1.0.2r.tar.gz +sha512sums="0b88868933f42fab87e8b22449435a1091cc6e75f986aad6c173e01ad123161fcae8c226759073701bc65c9f2f0b6ce6a63a61203008ed873cfb6e484f32bc71 openssl-1.0.2t.tar.gz 2244f46cb18e6b98f075051dd2446c47f7590abccd108fbab707f168a20cad8d32220d704635973f09e3b2879f523be5160f1ffbc12ab3900f8a8891dc855c5c 0002-busybox-basename.patch 58e42058a0c8086c49d681b1e226da39a8cf8cb88c51cf739dec2ff12e1bb5d7208ac5033264b186d58e9bdfe992fe9ddb95701d01caf1824396b2cefe30c0a4 0003-use-termios.patch c67472879a31b5dbdd313892df6d37e7c93e8c0237d406c30d50b1016c2618ead3c13277f5dc723ef1ceed092d36e3c15a9777daa844f59b9fa2b0a4f04fd9ae 0004-fix-default-ca-path-for-apps.patch -- cgit v1.2.3