openssl: bump to 1.1.1d
authorEneas U de Queiroz <cotequeiroz@gmail.com>
Tue, 17 Sep 2019 13:52:11 +0000 (10:52 -0300)
committerHans Dedecker <dedeckeh@gmail.com>
Thu, 19 Sep 2019 19:28:53 +0000 (21:28 +0200)
commitd868d0a5d7e1d76bb1a8980346d222fae55fa18b
treefa505ae31a91c2e33b0941bb1561d9a144c74a12
parentce536aeb3958dd305f4156f5ed55fd02f2e49736
openssl: bump to 1.1.1d

This version fixes 3 low-severity vulnerabilities:

- CVE-2019-1547: ECDSA remote timing attack
- CVE-2019-1549: Fork Protection
- CVE-2019-1563: Padding Oracle in PKCS7_dataDecode and
 CMS_decrypt_set1_pkey

Patches were refreshed.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
12 files changed:
package/libs/openssl/Makefile
package/libs/openssl/patches/100-Configure-afalg-support.patch
package/libs/openssl/patches/110-openwrt_targets.patch
package/libs/openssl/patches/120-strip-cflags-from-binary.patch
package/libs/openssl/patches/130-dont-build-tests-fuzz.patch
package/libs/openssl/patches/140-allow-prefer-chacha20.patch
package/libs/openssl/patches/400-eng_devcrypto-save-ioctl-if-EVP_MD_.FLAG_ONESHOT.patch
package/libs/openssl/patches/410-eng_devcrypto-add-configuration-options.patch
package/libs/openssl/patches/420-eng_devcrypto-add-command-to-dump-driver-info.patch
package/libs/openssl/patches/430-e_devcrypto-make-the-dev-crypto-engine-dynamic.patch
package/libs/openssl/patches/500-e_devcrypto-default-to-not-use-digests-in-engine.patch
package/libs/openssl/patches/510-e_devcrypto-ignore-error-when-closing-session.patch