From: Christian Melki <christian.melki@t2data.com>
To: ptxdist@pengutronix.de
Subject: [ptxdist] [PATCH] openssl: Version bump. 1.1.1t -> 1.1.1s.
Date: Wed, 8 Feb 2023 09:01:07 +0100 [thread overview]
Message-ID: <20230208080107.2504460-1-christian.melki@t2data.com> (raw)
Plug 4 CVEs.
https://www.openssl.org/news/cl111.txt
X.400 address type confusion in X.509 GeneralName (CVE-2023-0286)
Use-after-free following BIO_new_NDEF (CVE-2023-0215)
Double free after calling PEM_read_bio_ex (CVE-2022-4450)
Timing Oracle in RSA Decryption (CVE-2022-4304)
* Forward patchset. Applies cleanly.
Signed-off-by: Christian Melki <christian.melki@t2data.com>
---
.../0001-debian-targets.patch | 0
patches/{openssl-1.1.1s => openssl-1.1.1t}/0002-pic.patch | 0
...003-Set-systemwide-default-settings-for-libssl-users.patch | 0
patches/{openssl-1.1.1s => openssl-1.1.1t}/series | 0
rules/openssl.make | 4 ++--
5 files changed, 2 insertions(+), 2 deletions(-)
rename patches/{openssl-1.1.1s => openssl-1.1.1t}/0001-debian-targets.patch (100%)
rename patches/{openssl-1.1.1s => openssl-1.1.1t}/0002-pic.patch (100%)
rename patches/{openssl-1.1.1s => openssl-1.1.1t}/0003-Set-systemwide-default-settings-for-libssl-users.patch (100%)
rename patches/{openssl-1.1.1s => openssl-1.1.1t}/series (100%)
diff --git a/patches/openssl-1.1.1s/0001-debian-targets.patch b/patches/openssl-1.1.1t/0001-debian-targets.patch
similarity index 100%
rename from patches/openssl-1.1.1s/0001-debian-targets.patch
rename to patches/openssl-1.1.1t/0001-debian-targets.patch
diff --git a/patches/openssl-1.1.1s/0002-pic.patch b/patches/openssl-1.1.1t/0002-pic.patch
similarity index 100%
rename from patches/openssl-1.1.1s/0002-pic.patch
rename to patches/openssl-1.1.1t/0002-pic.patch
diff --git a/patches/openssl-1.1.1s/0003-Set-systemwide-default-settings-for-libssl-users.patch b/patches/openssl-1.1.1t/0003-Set-systemwide-default-settings-for-libssl-users.patch
similarity index 100%
rename from patches/openssl-1.1.1s/0003-Set-systemwide-default-settings-for-libssl-users.patch
rename to patches/openssl-1.1.1t/0003-Set-systemwide-default-settings-for-libssl-users.patch
diff --git a/patches/openssl-1.1.1s/series b/patches/openssl-1.1.1t/series
similarity index 100%
rename from patches/openssl-1.1.1s/series
rename to patches/openssl-1.1.1t/series
diff --git a/rules/openssl.make b/rules/openssl.make
index 86f2e081c..67600ab20 100644
--- a/rules/openssl.make
+++ b/rules/openssl.make
@@ -17,9 +17,9 @@ PACKAGES-$(PTXCONF_OPENSSL) += openssl
# Paths and names
#
OPENSSL_BASE := 1.1.1
-OPENSSL_BUGFIX := s
+OPENSSL_BUGFIX := t
OPENSSL_VERSION := $(OPENSSL_BASE)$(OPENSSL_BUGFIX)
-OPENSSL_MD5 := 077f69d357758c7d6ef686f813e16f30
+OPENSSL_MD5 := 1cfee919e0eac6be62c88c5ae8bcd91e
OPENSSL := openssl-$(OPENSSL_VERSION)
OPENSSL_SUFFIX := tar.gz
OPENSSL_URL := \
--
2.34.1
next reply other threads:[~2023-02-08 8:01 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-02-08 8:01 Christian Melki [this message]
2023-02-08 9:38 ` Ladislav Michl
2023-02-08 10:35 ` Christian Melki
2023-02-08 11:50 ` [ptxdist] [APPLIED] openssl: Version bump. 1.1.1s -> 1.1.1t Michael Olbrich
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20230208080107.2504460-1-christian.melki@t2data.com \
--to=christian.melki@t2data.com \
--cc=ptxdist@pengutronix.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox