[PATCH] openssl: update to 1.1.1i

Stijn Segers foss at volatilesystems.org
Wed Dec 16 07:19:30 EST 2020


Hi!

Op vrijdag 11 december 2020 om 8u39 schreef Eneas U de Queiroz 
<cotequeiroz at gmail.com>:
> Fixes: CVE-2020-1971, defined as high severity, summarized as:
> NULL pointer deref in GENERAL_NAME_cmp function can lead to a DOS
> attack.
> 
> Signed-off-by: Eneas U de Queiroz <cotequeiroz at gmail.com>
> ---
> This was run-tested in a WRT-3200ACM

Can this be backported to 19.O7? I cherry-picked it from master locally 
here, applies cleanly afaict.

Thanks!

Stijn

> 
> diff --git a/package/libs/openssl/Makefile 
> b/package/libs/openssl/Makefile
> index 77c6d41cec..714ce2059a 100644
> --- a/package/libs/openssl/Makefile
> +++ b/package/libs/openssl/Makefile
> @@ -9,9 +9,9 @@ include $(TOPDIR)/rules.mk
> 
>  PKG_NAME:=openssl
>  PKG_BASE:=1.1.1
> -PKG_BUGFIX:=h
> +PKG_BUGFIX:=i
>  PKG_VERSION:=$(PKG_BASE)$(PKG_BUGFIX)
> -PKG_RELEASE:=2
> +PKG_RELEASE:=1
>  PKG_USE_MIPS16:=0
>  ENGINES_DIR=engines-1.1
> 
> @@ -24,7 +24,7 @@ PKG_SOURCE_URL:= \
>  	ftp://ftp.pca.dfn.de/pub/tools/net/openssl/source/ \
>  	http://www.openssl.org/source/ \
>  	http://www.openssl.org/source/old/$(PKG_BASE)/
> -PKG_HASH:=5c9ca8774bd7b03e5784f26ae9e9e6d749c9da2438545077e6b3d755a06595d9
> +PKG_HASH:=e8be6a35fe41d10603c3cc635e93289ed00bf34b79671a3a4de64fcee00d5242
> 
>  PKG_LICENSE:=OpenSSL
>  PKG_LICENSE_FILES:=LICENSE
> 
> _______________________________________________
> openwrt-devel mailing list
> openwrt-devel at lists.openwrt.org
> https://lists.openwrt.org/mailman/listinfo/openwrt-devel





More information about the openwrt-devel mailing list