openssl: bump to 1.1.1d

This version fixes 3 low-severity vulnerabilities: - CVE-2019-1547: ECDSA remote timing attack - CVE-2019-1549: Fork Protection - CVE-2019-1563: Padding Oracle in PKCS7_dataDecode and CMS_decrypt_set1_pkey Patches were refreshed. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2019-09-17 10:52:11 -03:00
parent ce536aeb39
commit d868d0a5d7
12 changed files with 224 additions and 2525 deletions
--- a/package/libs/openssl/patches/510-e_devcrypto-ignore-error-when-closing-session.patch
+++ b/package/libs/openssl/patches/510-e_devcrypto-ignore-error-when-closing-session.patch
@@ -1,16 +1,18 @@
-From b6e6d157367bae91a8015434769572e430257d40 Mon Sep 17 00:00:00 2001
+From b6b2744f06f64922b449b3cb4bf0ad3df3efba71 Mon Sep 17 00:00:00 2001
 From: Eneas U de Queiroz <cote2004-github@yahoo.com>
 Date: Mon, 11 Mar 2019 10:15:14 -0300
-Subject: [PATCH] e_devcrypto: ignore error when closing session
+Subject: e_devcrypto: ignore error when closing session

 In cipher_init, ignore an eventual error when closing the previous
 session.  It may have been closed by another process after a fork.

 Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>

+diff --git a/engines/e_devcrypto.c b/engines/e_devcrypto.c
+index 7741138b82..2480bdbd57 100644
 --- a/engines/e_devcrypto.c
 +++ b/engines/e_devcrypto.c
-@@ -197,9 +197,8 @@ static int cipher_init(EVP_CIPHER_CTX *c
+@@ -197,9 +197,8 @@ static int cipher_init(EVP_CIPHER_CTX *ctx, const unsigned char *key,
         get_cipher_data(EVP_CIPHER_CTX_nid(ctx));
 
     /* cleanup a previous session */