openssl: bump to 1.1.1d

This version fixes 3 low-severity vulnerabilities: - CVE-2019-1547: ECDSA remote timing attack - CVE-2019-1549: Fork Protection - CVE-2019-1563: Padding Oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey Patches were refreshed. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2019-09-17 10:52:11 -03:00
parent ce536aeb39
commit d868d0a5d7
12 changed files with 224 additions and 2525 deletions
--- a/package/libs/openssl/patches/100-Configure-afalg-support.patch
+++ b/package/libs/openssl/patches/100-Configure-afalg-support.patch
@@ -1,4 +1,4 @@
-From bf4f3a5696c65b4a48935599ccba43311c114c95 Mon Sep 17 00:00:00 2001
+From 559fbff13af9ce2fbc0b9bc5727a7323e1db6217 Mon Sep 17 00:00:00 2001
 From: Eneas U de Queiroz <cote2004-github@yahoo.com>
 Date: Thu, 27 Sep 2018 08:29:21 -0300
 Subject: Do not use host kernel version to disable AFALG
@@ -8,9 +8,11 @@ version to disable building the AFALG engine on openwrt targets.

 Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>

+diff --git a/Configure b/Configure
+index 5a699836f3..74d057c219 100755
 --- a/Configure
 +++ b/Configure
-@@ -1535,7 +1535,9 @@ unless ($disabled{"crypto-mdebug-backtra
+@@ -1532,7 +1532,9 @@ unless ($disabled{"crypto-mdebug-backtrace"})
 
 unless ($disabled{afalgeng}) {
     $config{afalgeng}="";