[Buildroot] [git commit] package/openssl: security bump to version 1.0.2f
Peter Korsgaard
peter at korsgaard.com
Thu Jan 28 21:26:15 UTC 2016
commit: https://git.buildroot.net/buildroot/commit/?id=7d8b6bdd0075a57c2a4bb083197da7b41d6cef47
branch: https://git.buildroot.net/buildroot/commit/?id=refs/heads/master
Fixes
DH small subgroups (CVE-2016-0701)
SSLv2 doesn't block disabled ciphers (CVE-2015-3197)
An update on DHE man-in-the-middle protection (Logjam)
Signed-off-by: Bernd Kuhls <bernd.kuhls at t-online.de>
Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
---
package/openssl/openssl.hash | 4 ++--
package/openssl/openssl.mk | 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/package/openssl/openssl.hash b/package/openssl/openssl.hash
index 2d2a5b0..2cf7516 100644
--- a/package/openssl/openssl.hash
+++ b/package/openssl/openssl.hash
@@ -1,5 +1,5 @@
-# From https://www.openssl.org/source/openssl-1.0.2e.tar.gz.sha256
-sha256 e23ccafdb75cfcde782da0151731aa2185195ac745eea3846133f2e05c0e0bff openssl-1.0.2e.tar.gz
+# From https://www.openssl.org/source/openssl-1.0.2f.tar.gz.sha256
+sha256 932b4ee4def2b434f85435d9e3e19ca8ba99ce9a065a61524b429a9d5e9b2e9c openssl-1.0.2f.tar.gz
# Locally computed
sha256 eddd8a5123748052c598214487ac178e4bfa4e31ba2ec520c70d59c8c5bfa2e9 openssl-1.0.2a-parallel-install-dirs.patch?id=c8abcbe8de5d3b6cdd68c162f398c011ff6e2d9d
sha256 147c3eeaad614c044749ea527cb433eae5e2d5cad34a78c6ba61cd967bfbe01f openssl-1.0.2a-parallel-obj-headers.patch?id=c8abcbe8de5d3b6cdd68c162f398c011ff6e2d9d
diff --git a/package/openssl/openssl.mk b/package/openssl/openssl.mk
index c3ea08d..b7498a7 100644
--- a/package/openssl/openssl.mk
+++ b/package/openssl/openssl.mk
@@ -4,7 +4,7 @@
#
################################################################################
-OPENSSL_VERSION = 1.0.2e
+OPENSSL_VERSION = 1.0.2f
OPENSSL_SITE = http://www.openssl.org/source
OPENSSL_LICENSE = OpenSSL or SSLeay
OPENSSL_LICENSE_FILES = LICENSE
More information about the buildroot
mailing list