From mboxrd@z Thu Jan  1 00:00:00 1970
Delivery-date: Thu, 01 Jun 2023 19:10:08 +0200
Received: from metis.ext.pengutronix.de ([2001:67c:670:201:290:27ff:fe1d:cc33])
	by lore.white.stw.pengutronix.de with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.94.2)
	(envelope-from <ptxdist-bounces+lore=lore.pengutronix.de@pengutronix.de>)
	id 1q4loP-0064zN-Iw
	for lore@lore.pengutronix.de; Thu, 01 Jun 2023 19:10:08 +0200
Received: from localhost ([127.0.0.1] helo=metis.ext.pengutronix.de)
	by metis.ext.pengutronix.de with esmtp (Exim 4.92)
	(envelope-from <ptxdist-bounces@pengutronix.de>)
	id 1q4loN-0004A6-CA; Thu, 01 Jun 2023 19:10:07 +0200
Received: from mail-vi1eur04on2053.outbound.protection.outlook.com
 ([40.107.8.53] helo=EUR04-VI1-obe.outbound.protection.outlook.com)
 by metis.ext.pengutronix.de with esmtps
 (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92)
 (envelope-from <christian.melki@t2data.com>) id 1q4lo7-00049t-Ov
 for ptxdist@pengutronix.de; Thu, 01 Jun 2023 19:09:52 +0200
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=WV1jWutAIZAJ8/WzvjtzwjArxlsVrWaxcCdaOmalYi5VUMObsaaVmo9zvfbZCKjJwElXUGs3fGn1oMSTmXu6K3up+mV6jpQAZo5ZCs6sqGGIswWjbC3VZzwZ8T/RvChopi53qaF7ynyET/xoCGg0+fHK97BngmNMi7bEM9Mbfryr2eOyCMuFgPUd+iDG+QrdGreBrLCRx3ndd+TiaC1Wwb6VYxGBSjfG2PlmKeDbHIAcbr1+wpcxxeCzzU3hQk77PbSpuXF6b09ZYbde4Q7wmznDbjBvZognJl+8f+3w6fMtOOjtHsyDBT0mBuHTyErM3S+GMSaut2gH6OfXDAQjTg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; 
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
 bh=NhUjxPOmTGT97Qxlu06SzhsIzJNqnQnVvULNJqxVM/E=;
 b=SQu/y5PDAU6Y/TOVJVdKFjuSB7eIW4/wHfM93sZIqtLdkgjiX2BblnERZuibswejtCrnkm/vCKFUKaeLUj9Q1yB90j7gMFvjiGdu/3P9WtR6NhIavqV/Vi676CYrJfwojtxgh4WvG5QcYOhV1WZXGC5Nap47BhvC+fcuLD8eT/V+7i/OiuKrvdtXSXEgzkAEoE5IqJM726anVJskbU9vM6MLk+PeK3N4F9lJsj5/vL05RQPd52tTeWBKsqawgV9EzCzt3Xy6vCIQicF1SgdXYqm39pbpMg8CcedXjBx1FIeuTyBqRg8iiHSllD7npUbDPjA7nEDoEt14sxuTDH1WkQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=t2data.com; dmarc=pass action=none header.from=t2data.com;
 dkim=pass header.d=t2data.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=t2datacom.onmicrosoft.com; s=selector1-t2datacom-onmicrosoft-com;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=NhUjxPOmTGT97Qxlu06SzhsIzJNqnQnVvULNJqxVM/E=;
 b=LZ5KFFBx/SnnZZEslVD6+Lf3tS3MQcbbS76RDsd25e8OHiSf+Zi5XB03vToUJ60qWG8efkSHAsCzeYXqPUbeZbV7I4aD3UggQJ1b5i01gKD7NYS7NUy7mcNRIk0Rg+btTCpL1lN3h/dYlZqrJTEBOBYDLWRFRmOBm5FkaHkkSN8=
Authentication-Results: dkim=none (message not signed)
 header.d=none;dmarc=none action=none header.from=t2data.com;
Received: from DB9P251MB0618.EURP251.PROD.OUTLOOK.COM (2603:10a6:10:334::22)
 by AS1P251MB0503.EURP251.PROD.OUTLOOK.COM (2603:10a6:20b:4a3::17) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6433.23; Thu, 1 Jun
 2023 17:09:47 +0000
Received: from DB9P251MB0618.EURP251.PROD.OUTLOOK.COM
 ([fe80::8870:34db:67db:6e1f]) by DB9P251MB0618.EURP251.PROD.OUTLOOK.COM
 ([fe80::8870:34db:67db:6e1f%7]) with mapi id 15.20.6433.024; Thu, 1 Jun 2023
 17:09:47 +0000
From: Christian Melki <christian.melki@t2data.com>
To: ptxdist@pengutronix.de
Date: Thu,  1 Jun 2023 19:09:40 +0200
Message-Id: <20230601170940.148580-1-christian.melki@t2data.com>
X-Mailer: git-send-email 2.34.1
Content-Transfer-Encoding: 8bit
Content-Type: text/plain
X-ClientProxiedBy: GVYP280CA0044.SWEP280.PROD.OUTLOOK.COM
 (2603:10a6:150:f9::27) To DB9P251MB0618.EURP251.PROD.OUTLOOK.COM
 (2603:10a6:10:334::22)
MIME-Version: 1.0
X-MS-PublicTrafficType: Email
X-MS-TrafficTypeDiagnostic: DB9P251MB0618:EE_|AS1P251MB0503:EE_
X-MS-Office365-Filtering-Correlation-Id: ddc45408-01cb-4d67-1a36-08db62c3009a
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: CdWJ9JaHiGSEMV2N8GmUndes8tMG/+WGXT6zYWw4PpJekKmD8fPXsUOPPZ4dFBOGc4qTXjz11+tAnjvpHgEGpBO/RofopQG2tnPyDt4P2PHepn44iJmielWZjvMltjEUE7kWfpjLii85j9GSIGlHybPv5/x3BYHCw2ynQm2pFmtb4+wnsEElsal1AjPgmMX4GtZJFfna5KezWxkamNYOCILX0pU2Kkw6z6yK2Er48Si9OOfS+qeASykPspfz43ds4SoFbCvdZ1TWRkla2epWfaj8r3zmnQVgYWNjhP50TSKCNLTqO8/4vahLf1Pg16UpPi09jyuQyICCSu07FWSHYuZjIQqCDY9kPKIRKO1KHX/7hhZkl2PJuBktirByiTLzYfubdLGNqknKFYvZqFBUW8pvsy5/j4BnOHULc1DpDXQm4NhJoiM47WY7RIanhwAYJOFf/wl0lE7p1mOBxC/SDqw/FKYPMbRd77hwrtBOjs3rsUBCTPm6gVMX2CCIFgw+4op3zoeXav5MBV8c//ivDOmall6Xqs9Kp2db+OLpmaahHNBJ2LmVZ3lwZ06/Tq+vQTPACKkg9R1DWmXjOEtJHLBSUp20gmctGuQN7Bb6P6g=
X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:;
 IPV:NLI; SFV:NSPM; H:DB9P251MB0618.EURP251.PROD.OUTLOOK.COM; PTR:; CAT:NONE;
 SFS:(13230028)(39830400003)(396003)(136003)(346002)(366004)(376002)(451199021)(66476007)(8676002)(6916009)(478600001)(44832011)(8936002)(5660300002)(66556008)(86362001)(36756003)(2906002)(66946007)(316002)(186003)(38350700002)(41300700001)(38100700002)(2616005)(966005)(52116002)(6512007)(1076003)(26005)(6486002)(6506007)(6666004)(83380400001);
 DIR:OUT; SFP:1101; 
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?cYi4e+nzNtDt12gYcqP78cWfiTpZeaUSIqU+YN5hiWwjLH/j8fSVDt7sJ0Kl?=
 =?us-ascii?Q?gZl6/fWbZMpYCImukIxrMX8etjTHtx3jO2rcZac4+5p3z1wvm+8iBwX1WZMQ?=
 =?us-ascii?Q?Vqq0G7Gm1fT/bFYPFiruzVAURejWbOzeCKYNyrOl8SUEfgtt0y07j96dwOqh?=
 =?us-ascii?Q?tTCwgiYRRBjRZunBLfMbGxmV53RfJJllegCk4bzEy3OVlHsEKZDnzvPOd7Vp?=
 =?us-ascii?Q?LQ02S3nKWypZ4g9T2575sVOn2DS4VN5hDKiQDY2Nk5uhWfMPzwr0PQIC5/fB?=
 =?us-ascii?Q?fAHGibz54aoYlmaY95khsk18W8ocKZK34WJ1cD3JS5wnyuvNiVKCHjYqhgmK?=
 =?us-ascii?Q?L36qMvZhFWNlzpcMSOh7HzQddvrgEUNqW3O4RCwuDJ8DXmlUw94kTbuODgxy?=
 =?us-ascii?Q?oxZ9/EMoInBrpjhjbqD6ikcQ7u8PfzWkdpjTybQcyA7ae4XtT52Im+RYeG4c?=
 =?us-ascii?Q?roGvXmaJxENu31jXatkXcbxKDhHxBhAn4UXcxKnaXv3dQNhHBZU7WKZfzas8?=
 =?us-ascii?Q?qEiMb4mWf1keY0qpfR244oJJpyHcaOyOmr8pstWe7drAIkdJq5GVrePZ3nWe?=
 =?us-ascii?Q?WcC2FCsJDMTSjNXNVjcyvIkQ3gF47pw8ulwEg7E0A7mz0Ba+zZDAAxeyC7p7?=
 =?us-ascii?Q?X/TeeMy8GdJDgqwHfbFAX3cHfwGCgWZoPhCBpImFkPXwsBJ8EJST+yfknOMD?=
 =?us-ascii?Q?yR6Lq4bPrw/vI7xkSP5Eze7FwisRecA5AIk/DBKwPz47+9rLLr8tOGjaUCm5?=
 =?us-ascii?Q?Jm2+/gCAa6wqgm6156zLfxxNoJsBEpj9nZsYGXAxYwK0+dxwYpjjCjYAlVGJ?=
 =?us-ascii?Q?ro3eT0Vpwnpelj5fF6zA6GH6CdsHvRemmLVCD5orQPMhes5tXxnonQQBgZeL?=
 =?us-ascii?Q?pLWw9frwMrDI26aJ3WonwTAdu0dauqmzhkgt8eoM1Kh5dk7NfRs8/ZbY/F+A?=
 =?us-ascii?Q?OnvEPkTZch2nSG0CappuZP5fO3Jq68OFprd9eCvN5JrTH6jIHc0QVOzVSiWz?=
 =?us-ascii?Q?nmI4Sc/TWKxhwqB7ZrFIFGRUCfzG9IwDoGYEChICnngRe55bBAi5/5X9t+Nb?=
 =?us-ascii?Q?ZSbRXCc9Jk1I+jKW6hBePHqqie9leAH7ztguCiJr8zCAVVGWp9NNb1Sp4u83?=
 =?us-ascii?Q?+husUxZFjI66EItgWz0GP8ZMgO5zuInTSnbKXP8xydGYv1H5wz/Ogy7nCrLX?=
 =?us-ascii?Q?KUbP9Adoq4YMxU3g3BG2CIjcg+1wR35ecUEfj+/qN7chna2+cWUu+nSzDd7o?=
 =?us-ascii?Q?3VvmcQxH/B9ILAVGBFEFOBQSs3iNarKd1NzOliokcXp3G6e2LuWymwf+EPgU?=
 =?us-ascii?Q?nkN9kbJKIWtQRz5DEu8bB/v1M5J2pvjd06Va/WCf5E4pM9N+rKNmsAaEiroV?=
 =?us-ascii?Q?diUNb42JYHudwxZKEOFQtjbFuLlJPs/D/4SBtl/CwhMeErZ8OnzkYvm5GNLt?=
 =?us-ascii?Q?jCMn0jDcIN8JwkBz1z0a0zjxJMssvy7yvJQl/aYgHOseIMh82y4E2ZSn96yP?=
 =?us-ascii?Q?DMPVYf1j7c6MCfh8p5dWDqjIBtgBh6RTufFnQXhqJHR8KRbL7XhyUDuphN7A?=
 =?us-ascii?Q?RKIzy70j+lHyOOkqkbDyp9WsJVe+wS8IWtWx9f0ovdSuSr06cy1lqRF6SjiS?=
 =?us-ascii?Q?UA=3D=3D?=
X-OriginatorOrg: t2data.com
X-MS-Exchange-CrossTenant-Network-Message-Id: ddc45408-01cb-4d67-1a36-08db62c3009a
X-MS-Exchange-CrossTenant-AuthSource: DB9P251MB0618.EURP251.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 01 Jun 2023 17:09:47.2891 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 27928da5-aacd-4ba1-9566-c748a6863e6c
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: C7H17jE9DstpInDOBEM3y4TM7qZRKgFMaxT2Xxr00NFiiiFOOasP422Ia5kzn61VAN9rq9kp/bmQccV+p7rQVseusnw5WNGB+bHhI4sUvME=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AS1P251MB0503
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on
 metis.ext.pengutronix.de
X-Spam-Level: 
X-Spam-Status: No, score=-2.0 required=4.0 tests=AWL,BAYES_00,DKIM_SIGNED,
 DKIM_VALID,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2,SPF_HELO_PASS,SPF_PASS,
 T_SCC_BODY_TEXT_LINE,URIBL_BLOCKED autolearn=ham autolearn_force=no
 version=3.4.2
Subject: [ptxdist] [PATCH] openssl: Version bump. 3.1.0 -> 3.1.1
X-BeenThere: ptxdist@pengutronix.de
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: PTXdist Development Mailing List <ptxdist.pengutronix.de>
List-Unsubscribe: <http://metis.pengutronix.de/cgi-bin/mailman/options/ptxdist>, 
 <mailto:ptxdist-request@pengutronix.de?subject=unsubscribe>
List-Archive: <http://metis.pengutronix.de/cgi-bin/mailman/private/ptxdist/>
List-Post: <mailto:ptxdist@pengutronix.de>
List-Help: <mailto:ptxdist-request@pengutronix.de?subject=help>
List-Subscribe: <http://metis.pengutronix.de/cgi-bin/mailman/listinfo/ptxdist>, 
 <mailto:ptxdist-request@pengutronix.de?subject=subscribe>
Reply-To: ptxdist@pengutronix.de
Sender: "ptxdist" <ptxdist-bounces@pengutronix.de>
X-SA-Exim-Connect-IP: 127.0.0.1
X-SA-Exim-Mail-From: ptxdist-bounces@pengutronix.de
X-SA-Exim-Scanned: No (on metis.ext.pengutronix.de); SAEximRunCond expanded to false

Minor fixes.
https://www.openssl.org/news/cl31.txt

https://www.openssl.org/news/vulnerabilities-3.1.html
Fixes five CVEs (Moderate to low severity).
CVE-2023-2650 - Possible DoS translating ASN.1 object identifiers
CVE-2023-0465 - Invalid certificate policies in leaf certificates are silently ignored
CVE-2023-1255 - Input buffer over-read in AES-XTS implementation on 64 bit ARM
CVE-2023-0466 - Certificate policy check not enabled
CVE-2023-0464 - Excessive Resource Usage Verifying X.509 Policy Constraints

* Forward patches. Applies cleanly.
And still looks about the same from the debian origin in their 3.1.1.

Signed-off-by: Christian Melki <christian.melki@t2data.com>
---
 .../0001-debian-targets.patch                                 | 0
 patches/{openssl-3.1.0 => openssl-3.1.1}/0002-pic.patch       | 0
 ...Configure-allow-to-enable-ktls-if-target-does-not-st.patch | 0
 .../0004-conf-Serialize-allocation-free-of-ssl_names.patch    | 0
 ...Configure-drop-fzero-call-used-regs-used-gpr-from-De.patch | 0
 patches/{openssl-3.1.0 => openssl-3.1.1}/series               | 0
 rules/openssl.make                                            | 4 ++--
 7 files changed, 2 insertions(+), 2 deletions(-)
 rename patches/{openssl-3.1.0 => openssl-3.1.1}/0001-debian-targets.patch (100%)
 rename patches/{openssl-3.1.0 => openssl-3.1.1}/0002-pic.patch (100%)
 rename patches/{openssl-3.1.0 => openssl-3.1.1}/0003-Configure-allow-to-enable-ktls-if-target-does-not-st.patch (100%)
 rename patches/{openssl-3.1.0 => openssl-3.1.1}/0004-conf-Serialize-allocation-free-of-ssl_names.patch (100%)
 rename patches/{openssl-3.1.0 => openssl-3.1.1}/0005-Configure-drop-fzero-call-used-regs-used-gpr-from-De.patch (100%)
 rename patches/{openssl-3.1.0 => openssl-3.1.1}/series (100%)

diff --git a/patches/openssl-3.1.0/0001-debian-targets.patch b/patches/openssl-3.1.1/0001-debian-targets.patch
similarity index 100%
rename from patches/openssl-3.1.0/0001-debian-targets.patch
rename to patches/openssl-3.1.1/0001-debian-targets.patch
diff --git a/patches/openssl-3.1.0/0002-pic.patch b/patches/openssl-3.1.1/0002-pic.patch
similarity index 100%
rename from patches/openssl-3.1.0/0002-pic.patch
rename to patches/openssl-3.1.1/0002-pic.patch
diff --git a/patches/openssl-3.1.0/0003-Configure-allow-to-enable-ktls-if-target-does-not-st.patch b/patches/openssl-3.1.1/0003-Configure-allow-to-enable-ktls-if-target-does-not-st.patch
similarity index 100%
rename from patches/openssl-3.1.0/0003-Configure-allow-to-enable-ktls-if-target-does-not-st.patch
rename to patches/openssl-3.1.1/0003-Configure-allow-to-enable-ktls-if-target-does-not-st.patch
diff --git a/patches/openssl-3.1.0/0004-conf-Serialize-allocation-free-of-ssl_names.patch b/patches/openssl-3.1.1/0004-conf-Serialize-allocation-free-of-ssl_names.patch
similarity index 100%
rename from patches/openssl-3.1.0/0004-conf-Serialize-allocation-free-of-ssl_names.patch
rename to patches/openssl-3.1.1/0004-conf-Serialize-allocation-free-of-ssl_names.patch
diff --git a/patches/openssl-3.1.0/0005-Configure-drop-fzero-call-used-regs-used-gpr-from-De.patch b/patches/openssl-3.1.1/0005-Configure-drop-fzero-call-used-regs-used-gpr-from-De.patch
similarity index 100%
rename from patches/openssl-3.1.0/0005-Configure-drop-fzero-call-used-regs-used-gpr-from-De.patch
rename to patches/openssl-3.1.1/0005-Configure-drop-fzero-call-used-regs-used-gpr-from-De.patch
diff --git a/patches/openssl-3.1.0/series b/patches/openssl-3.1.1/series
similarity index 100%
rename from patches/openssl-3.1.0/series
rename to patches/openssl-3.1.1/series
diff --git a/rules/openssl.make b/rules/openssl.make
index f4fb408d1..e292cd307 100644
--- a/rules/openssl.make
+++ b/rules/openssl.make
@@ -16,8 +16,8 @@ PACKAGES-$(PTXCONF_OPENSSL) += openssl
 #
 # Paths and names
 #
-OPENSSL_VERSION	:= 3.1.0
-OPENSSL_MD5	:= f6c520aa2206d4d1fa71ea30b5e9a56d
+OPENSSL_VERSION	:= 3.1.1
+OPENSSL_MD5	:= 1864b75e31fb4a6e0a07fd832529add3
 OPENSSL		:= openssl-$(OPENSSL_VERSION)
 OPENSSL_SUFFIX	:= tar.gz
 OPENSSL_URL	:= \
-- 
2.34.1