From 26dd384585d2182a35bd9450091726b6472b3b24 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20Ter=C3=A4s?= Date: Fri, 9 Jan 2015 08:16:24 +0200 Subject: main/openssl: security upgrade to 1.0.1k CVE-2014-3571 DTLS segmentation fault in dtls1_get_record CVE-2015-0206 DTLS memory leak in dtls1_buffer_record CVE-2014-3569 no-ssl3 configuration sets method to NULL CVE-2014-3572 ECDHE silently downgrades to ECDH [Client] CVE-2015-0204 RSA silently downgrades to EXPORT_RSA [Client] CVE-2015-0205 DH client certificates accepted without verification [Server] CVE-2014-8275 Certificate fingerprints can be modified CVE-2014-3570 Bignum squaring may produce incorrect results --- main/openssl/APKBUILD | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) (limited to 'main/openssl/APKBUILD') diff --git a/main/openssl/APKBUILD b/main/openssl/APKBUILD index 9b78fc45a..46ab448c4 100644 --- a/main/openssl/APKBUILD +++ b/main/openssl/APKBUILD @@ -1,6 +1,6 @@ # Maintainer: Timo Teras pkgname=openssl -pkgver=1.0.1j +pkgver=1.0.1k pkgrel=0 pkgdesc="Toolkit for SSL v2/v3 and TLS v1" url="http://openssl.org" @@ -129,11 +129,11 @@ libssl() { done } -md5sums="f7175c9cd3c39bb1907ac8bba9df8ed3 openssl-1.0.1j.tar.gz +md5sums="d4f002bd22a56881340105028842ae1f openssl-1.0.1k.tar.gz f75151bfdd0e1f5191e0d0e7147e1638 fix-manpages.patch c6a9857a5dbd30cead0404aa7dd73977 openssl-bb-basename.patch ddb5fc155145d5b852425adaec32234d 0001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch -4a7b9e20beb33a5e262ab64c2b8e5b48 0002-engines-e_padlock-backport-cvs-head-changes.patch +a7717dd564ef876d4923a80751714d63 0002-engines-e_padlock-backport-cvs-head-changes.patch cef4633142031b59960200e87ce3bb18 0003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch c32f42451a07267ee5dfb3781fa40c00 0004-crypto-engine-autoload-padlock-dynamic-engine.patch c5b1042a3acaf3591f3f5620b7086e12 0005-s_client-ircv3-starttls.patch @@ -143,11 +143,11 @@ efec1bce615256961b1756e575ee1d0a fix-default-apps-capath.patch 05ad806219cef6fa5692ac727af7fab6 c_rehash.c 60ca340e32944e4825747e3681ccd553 openssl-1.0.1-parallel-build.patch b7f2421187ae2b4c7e424cda2022d41d abi-compat-no-freelists.patch" -sha256sums="1b60ca8789ba6f03e8ef20da2293b8dc131c39d83814e775069f02d26354edf3 openssl-1.0.1j.tar.gz +sha256sums="8f9faeaebad088e772f4ef5e38252d472be4d878c6b3a2718c10a4fcebe7a41c openssl-1.0.1k.tar.gz 92296c9e121af10ecc1e302695bf2ceacaa9b00702e580504fc0ed04a9fba86e fix-manpages.patch 82863c2fed659a7186c7f3905a1853b8bd8060350ad101ce159fa7e7d2ba27e8 openssl-bb-basename.patch 18dd81fefb39b3328a444774ed10871ed50348ca171d2da9f826f916127b2dae 0001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch -39c31c2e33cded09543a2d1fd2e3238e9d11c672ba71a14d13095baad3ec9696 0002-engines-e_padlock-backport-cvs-head-changes.patch +30fbadf31dc13d9bcc758741f5560f6e13dd66c067f62d1b9066fb656f6aaaf2 0002-engines-e_padlock-backport-cvs-head-changes.patch cbb2493ec9157e78035e9cc02be17655996ee9cd0a71b79507fc19f3862f452b 0003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch 157ec6d17add25b96956abc7c44259c91eebe8a6c1026cdb976b895bf42ec56f 0004-crypto-engine-autoload-padlock-dynamic-engine.patch 44b553d92e33c48f854a8e15b23830375bc400e987505c74956ac196266f0d46 0005-s_client-ircv3-starttls.patch @@ -157,11 +157,11 @@ cbb2493ec9157e78035e9cc02be17655996ee9cd0a71b79507fc19f3862f452b 0003-engines-e 7b0947fd09ad1e8d9cea360b883090025b40193d0fc8a631f2e3bb42db28d76b c_rehash.c bd56e5fe1b6fe594ab93f34d25fef0b7372633bad8532f81da998f3e6655d221 openssl-1.0.1-parallel-build.patch 41c7c1e5bea7f7e0ccc59203a48f097948627d72fcf87f943fcfe8c14b4069a2 abi-compat-no-freelists.patch" -sha512sums="a786bb99b68d88c1de79d3c5372767f091ebeefb5abc1d4883253fd3ab5a86af53389f5ff36fdd8faa27c5fb78be8bbff406392c373358697da80d250eadebb8 openssl-1.0.1j.tar.gz +sha512sums="8b000fbd1bf919d9913a314f99aedd48a69f6caa4ccf43237889e73e08cbe0d82bfc27e9c7c4cade09fc459f91d6c4a831a9b3fc8bca0344fb864eadd7d1e8e8 openssl-1.0.1k.tar.gz b0eda7e9b53195b0855da68617201c3c7026eb7464ab58f0bc9923013663ec6b826d1868fe88b87118d3134114cbd9ac15d2c8389c85ef9c1bb4d18575b68a5b fix-manpages.patch 6c4f4b0c1b606b3e5a8175618c4398923392f9c25ad8d3f5b65b0424fe51e104c4f456d2da590d9f572382225ab320278e88db1585790092450cad60a02819a5 openssl-bb-basename.patch ea282b09d4692a29e5a554e19b0798fa921717d4892decc68cba92cad11e85e4064d8ac78d98f6fa8bb45c65fdd1a5d1a6f6755e53102d520e9d8b807c3a7822 0001-crypto-hmac-support-EVP_MD_CTX_FLAG_ONESHOT-and-set-.patch -96cdd28d1ad5efd3f5836b4c57c9c6ea8e790fbf919e32a8c4acd3883a3531b8d295053a4aa20e6165600153b141ce7b0a3d1d736fdfc325d59862b845aa4d98 0002-engines-e_padlock-backport-cvs-head-changes.patch +c86694b1931ef16eb467f5228a7ea2c36c90570daedb405bb24e7915b2e29f9ba20386cdef0ebea6af23ca04839d713bd05f0c8f3b7f6377331a6ab96c505f44 0002-engines-e_padlock-backport-cvs-head-changes.patch b019320869d215014ad46e0b29aa239e31243571c4d45256b3ce6449a67fdc106a381c1cf3abd55ddbfd6a0e9ffa3e3167377317cbc72b254b1f9bcc0e22b8b6 0003-engines-e_padlock-implement-sha1-sha224-sha256-accel.patch 3bedc326ca3e5945bc4ec4dccfe596042ee87aaeaf90b5063110a99cc8e38584838d68289907e4a3fcdb8e04635052ad0759c94e1d7070bb317c2066e2506bbe 0004-crypto-engine-autoload-padlock-dynamic-engine.patch 70cd257bbd5a86685dc2508399e67746b60ed5d581eb84fe4d4fc6af214f31b71e2a58ad758d572976a61f67bf64c37a935a9788db160f75bced75397b9bcce3 0005-s_client-ircv3-starttls.patch -- cgit v1.2.3