From cdf7c3a16e60a9ce6ba2b362b0c1a40c2fe4a17a Mon Sep 17 00:00:00 2001 From: Hauke Mehrtens Date: Tue, 24 Oct 2023 22:42:19 +0200 Subject: [PATCH] openssl: update to 3.0.12 Major changes between OpenSSL 3.0.11 and OpenSSL 3.0.12 [24 Oct 2023] * Mitigate incorrect resize handling for symmetric cipher keys and IVs. (CVE-2023-5363) Signed-off-by: Hauke Mehrtens (cherry picked from commit e4ebc7b5662d6436fcc84b8e1583204b96fb0503) --- package/libs/openssl/Makefile | 4 ++-- .../libs/openssl/patches/120-strip-cflags-from-binary.patch | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/package/libs/openssl/Makefile b/package/libs/openssl/Makefile index 459d367372..4b1388e7af 100644 --- a/package/libs/openssl/Makefile +++ b/package/libs/openssl/Makefile @@ -8,7 +8,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=openssl -PKG_VERSION:=3.0.11 +PKG_VERSION:=3.0.12 PKG_RELEASE:=1 PKG_BUILD_FLAGS:=no-mips16 gc-sections no-lto @@ -24,7 +24,7 @@ PKG_SOURCE_URL:= \ ftp://ftp.pca.dfn.de/pub/tools/net/openssl/source/ \ ftp://ftp.pca.dfn.de/pub/tools/net/openssl/source/old/$(PKG_BASE)/ -PKG_HASH:=b3425d3bb4a2218d0697eb41f7fc0cdede016ed19ca49d168b78e8d947887f55 +PKG_HASH:=f93c9e8edde5e9166119de31755fc87b4aa34863662f67ddfcba14d0b6b69b61 PKG_LICENSE:=Apache-2.0 PKG_LICENSE_FILES:=LICENSE diff --git a/package/libs/openssl/patches/120-strip-cflags-from-binary.patch b/package/libs/openssl/patches/120-strip-cflags-from-binary.patch index c4f2540395..ebdb940b42 100644 --- a/package/libs/openssl/patches/120-strip-cflags-from-binary.patch +++ b/package/libs/openssl/patches/120-strip-cflags-from-binary.patch @@ -10,7 +10,7 @@ Signed-off-by: Eneas U de Queiroz --- a/crypto/build.info +++ b/crypto/build.info -@@ -111,7 +111,7 @@ DEFINE[../libcrypto]=$UPLINKDEF +@@ -109,7 +109,7 @@ DEFINE[../libcrypto]=$UPLINKDEF DEPEND[info.o]=buildinf.h DEPEND[cversion.o]=buildinf.h -- 2.30.2