[package] openssl: update to v1.0.1a (CVE-2012-2110)
authorJo-Philipp Wich <jow@openwrt.org>
Thu, 19 Apr 2012 14:05:53 +0000 (14:05 +0000)
committerJo-Philipp Wich <jow@openwrt.org>
Thu, 19 Apr 2012 14:05:53 +0000 (14:05 +0000)
SVN-Revision: 31346

package/openssl/Makefile
package/openssl/patches/210-no-OPENSSL_ia32cap_P.patch [new file with mode: 0644]

index 424bd39..b9b9b31 100644 (file)
@@ -8,7 +8,7 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=openssl
-PKG_VERSION:=1.0.1
+PKG_VERSION:=1.0.1a
 PKG_RELEASE:=1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
@@ -16,7 +16,7 @@ PKG_SOURCE_URL:=http://www.openssl.org/source/ \
        ftp://ftp.funet.fi/pub/crypt/cryptography/libs/openssl/source/ \
        ftp://ftp.webmonster.de/pub/openssl/source/ \
        ftp://ftp.sunet.se/pub/security/tools/net/openssl/source/
-PKG_MD5SUM:=134f168bc2a8333f19f81d684841710b
+PKG_MD5SUM:=a0104320c0997cd33e18b8ea798609d1
 
 PKG_BUILD_DEPENDS:=ocf-crypto-headers
 PKG_CONFIG_DEPENDS:=CONFIG_OPENSSL_ENGINE
diff --git a/package/openssl/patches/210-no-OPENSSL_ia32cap_P.patch b/package/openssl/patches/210-no-OPENSSL_ia32cap_P.patch
new file mode 100644 (file)
index 0000000..6ddf009
--- /dev/null
@@ -0,0 +1,12 @@
+--- a/crypto/evp/e_rc4_hmac_md5.c
++++ b/crypto/evp/e_rc4_hmac_md5.c
+@@ -289,8 +289,6 @@ static EVP_CIPHER r4_hmac_md5_cipher=
+ const EVP_CIPHER *EVP_rc4_hmac_md5(void)
+       {
+-      extern unsigned int OPENSSL_ia32cap_P[];
+-      /* RC4_CHAR flag ------------vvvvv */
+-      return(OPENSSL_ia32cap_P[0]&(1<<20) ? NULL : &r4_hmac_md5_cipher);
++      return(&r4_hmac_md5_cipher);
+       }
+ #endif