summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorYegor Yefremov <yegor_sub1@visionsystems.de>2011-09-07 14:25:02 +0200
committerPeter Korsgaard <jacmet@sunsite.dk>2011-09-13 00:17:15 +0200
commita50f6ef29e72b4725b0e53dbf28922c798eacf06 (patch)
tree6c50c7266c90d73aa9d4ee18fdcbe9266bd83fb7
parentd1a9698bec65de83d45b77977e14de45c4946516 (diff)
openssl: bump to 1.0.0e
Changes between 1.0.0d and 1.0.0e [6 Sep 2011] *) Fix bug where CRLs with nextUpdate in the past are sometimes accepted by initialising X509_STORE_CTX properly. (CVE-2011-3207) [Kaspar Brand <ossl@velox.ch>] *) Fix SSL memory handling for (EC)DH ciphersuites, in particular for multi-threaded use of ECDH. (CVE-2011-3210) [Adam Langley (Google)] *) Fix x509_name_ex_d2i memory leak on bad inputs. [Bodo Moeller] *) Remove hard coded ecdsaWithSHA1 signature tests in ssl code and check signature public key algorithm by using OID xref utilities instead. Before this you could only use some ECC ciphersuites with SHA1 only. [Steve Henson] *) Add protection against ECDSA timing attacks as mentioned in the paper by Billy Bob Brumley and Nicola Tuveri, see: http://eprint.iacr.org/2011/232.pdf [Billy Bob Brumley and Nicola Tuveri] Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com> Acked-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
-rw-r--r--package/openssl/openssl.mk2
1 files changed, 1 insertions, 1 deletions
diff --git a/package/openssl/openssl.mk b/package/openssl/openssl.mk
index 0163ef847..82a4fc4a0 100644
--- a/package/openssl/openssl.mk
+++ b/package/openssl/openssl.mk
@@ -4,7 +4,7 @@
#
#############################################################
-OPENSSL_VERSION = 1.0.0d
+OPENSSL_VERSION = 1.0.0e
OPENSSL_SITE = http://www.openssl.org/source
OPENSSL_INSTALL_STAGING = YES
OPENSSL_DEPENDENCIES = zlib