From 20644e278a928af7b6ba3dab98e72de889abde1f Mon Sep 17 00:00:00 2001
From: J0WI <J0WI@users.noreply.github.com>
Date: Tue, 20 Nov 2018 21:00:15 +0100
Subject: main/openssl: security upgrade to 1.0.2q - CVE-2018-0734 -
 CVE-2018-5407

---
 main/openssl/APKBUILD | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/main/openssl/APKBUILD b/main/openssl/APKBUILD
index 59ea4b6472..654f108f65 100644
--- a/main/openssl/APKBUILD
+++ b/main/openssl/APKBUILD
@@ -1,9 +1,9 @@
 # Maintainer: Timo Teras <timo.teras@iki.fi>
 pkgname=openssl
-pkgver=1.0.2p
+pkgver=1.0.2q
 pkgrel=0
 pkgdesc="Toolkit for SSL v2/v3 and TLS v1"
-url="http://openssl.org"
+url="https://openssl.org"
 depends=
 makedepends_build="perl"
 makedepends_host="zlib-dev"
@@ -14,7 +14,7 @@ license="openssl"
 
 subpackages="$pkgname-dev $pkgname-doc libcrypto1.0:libcrypto libssl1.0:libssl"
 
-source="http://www.openssl.org/source/${pkgname}-${pkgver}.tar.gz
+source="https://www.openssl.org/source/${pkgname}-${pkgver}.tar.gz
 	0001-fix-manpages.patch
 	0002-busybox-basename.patch
 	0003-use-termios.patch
@@ -73,6 +73,9 @@ source="http://www.openssl.org/source/${pkgname}-${pkgver}.tar.gz
 #   1.0.2o-r1:
 #     - CVE-2018-0732
 #     - CVE-2018-0737
+#   1.0.2q-r0:
+#     - CVE-2018-0734
+#     - CVE-2018-5407
 
 _builddir="$srcdir"/$pkgname-$pkgver
 
@@ -160,7 +163,8 @@ libssl() {
 		ln -s ../../lib/${i##*/} "$subpkgdir"/usr/lib/${i##*/}
 	done
 }
-sha512sums="958c5a7c3324bbdc8f07dfb13e11329d9a1b4452c07cf41fbd2d42b5fe29c95679332a3476d24c2dc2b88be16e4a24744aba675a05a388c0905756c77a8a2f16  openssl-1.0.2p.tar.gz
+
+sha512sums="403e6cad42db3ba860c3fa4fa81c1b7b02f0b873259e5c19a7fc8e42de0854602555f1b1ca74f4e3a7737a4cbd3aac063061e628ec86534586500819fae7fec0  openssl-1.0.2q.tar.gz
 80589e386fe57470818757a182f444a79050e1f19683650268d551d8aa436902b3bf565bb7a2aa8464013e50229c8bed5bb89fbd8387469cdfdcd3941eb3e5db  0001-fix-manpages.patch
 2244f46cb18e6b98f075051dd2446c47f7590abccd108fbab707f168a20cad8d32220d704635973f09e3b2879f523be5160f1ffbc12ab3900f8a8891dc855c5c  0002-busybox-basename.patch
 58e42058a0c8086c49d681b1e226da39a8cf8cb88c51cf739dec2ff12e1bb5d7208ac5033264b186d58e9bdfe992fe9ddb95701d01caf1824396b2cefe30c0a4  0003-use-termios.patch
-- 
cgit v1.2.3