Minor fixes. https://www.openssl.org/news/cl31.txt
https://www.openssl.org/news/vulnerabilities-3.1.html Fixes three CVEs (Low to moderate severity). CVE-2023-3817 - Excessive time spent checking DH q parameter value CVE-2023-3446 - Excessive time spent checking DH keys and parameters CVE-2023-2975 - AES-SIV implementation ignores empty associated data entries * Forward patches. Applies cleanly. And still looks about the same from the debian origin in their 3.1.2. Signed-off-by: Christian Melki <christian.me...@t2data.com> --- .../0001-debian-targets.patch | 0 patches/{openssl-3.1.1 => openssl-3.1.2}/0002-pic.patch | 0 ...Configure-allow-to-enable-ktls-if-target-does-not-st.patch | 0 .../0004-conf-Serialize-allocation-free-of-ssl_names.patch | 0 ...Configure-drop-fzero-call-used-regs-used-gpr-from-De.patch | 0 patches/{openssl-3.1.1 => openssl-3.1.2}/series | 0 rules/openssl.make | 4 ++-- 7 files changed, 2 insertions(+), 2 deletions(-) rename patches/{openssl-3.1.1 => openssl-3.1.2}/0001-debian-targets.patch (100%) rename patches/{openssl-3.1.1 => openssl-3.1.2}/0002-pic.patch (100%) rename patches/{openssl-3.1.1 => openssl-3.1.2}/0003-Configure-allow-to-enable-ktls-if-target-does-not-st.patch (100%) rename patches/{openssl-3.1.1 => openssl-3.1.2}/0004-conf-Serialize-allocation-free-of-ssl_names.patch (100%) rename patches/{openssl-3.1.1 => openssl-3.1.2}/0005-Configure-drop-fzero-call-used-regs-used-gpr-from-De.patch (100%) rename patches/{openssl-3.1.1 => openssl-3.1.2}/series (100%) diff --git a/patches/openssl-3.1.1/0001-debian-targets.patch b/patches/openssl-3.1.2/0001-debian-targets.patch similarity index 100% rename from patches/openssl-3.1.1/0001-debian-targets.patch rename to patches/openssl-3.1.2/0001-debian-targets.patch diff --git a/patches/openssl-3.1.1/0002-pic.patch b/patches/openssl-3.1.2/0002-pic.patch similarity index 100% rename from patches/openssl-3.1.1/0002-pic.patch rename to patches/openssl-3.1.2/0002-pic.patch diff --git a/patches/openssl-3.1.1/0003-Configure-allow-to-enable-ktls-if-target-does-not-st.patch b/patches/openssl-3.1.2/0003-Configure-allow-to-enable-ktls-if-target-does-not-st.patch similarity index 100% rename from patches/openssl-3.1.1/0003-Configure-allow-to-enable-ktls-if-target-does-not-st.patch rename to patches/openssl-3.1.2/0003-Configure-allow-to-enable-ktls-if-target-does-not-st.patch diff --git a/patches/openssl-3.1.1/0004-conf-Serialize-allocation-free-of-ssl_names.patch b/patches/openssl-3.1.2/0004-conf-Serialize-allocation-free-of-ssl_names.patch similarity index 100% rename from patches/openssl-3.1.1/0004-conf-Serialize-allocation-free-of-ssl_names.patch rename to patches/openssl-3.1.2/0004-conf-Serialize-allocation-free-of-ssl_names.patch diff --git a/patches/openssl-3.1.1/0005-Configure-drop-fzero-call-used-regs-used-gpr-from-De.patch b/patches/openssl-3.1.2/0005-Configure-drop-fzero-call-used-regs-used-gpr-from-De.patch similarity index 100% rename from patches/openssl-3.1.1/0005-Configure-drop-fzero-call-used-regs-used-gpr-from-De.patch rename to patches/openssl-3.1.2/0005-Configure-drop-fzero-call-used-regs-used-gpr-from-De.patch diff --git a/patches/openssl-3.1.1/series b/patches/openssl-3.1.2/series similarity index 100% rename from patches/openssl-3.1.1/series rename to patches/openssl-3.1.2/series diff --git a/rules/openssl.make b/rules/openssl.make index e292cd307..598771f60 100644 --- a/rules/openssl.make +++ b/rules/openssl.make @@ -16,8 +16,8 @@ PACKAGES-$(PTXCONF_OPENSSL) += openssl # # Paths and names # -OPENSSL_VERSION := 3.1.1 -OPENSSL_MD5 := 1864b75e31fb4a6e0a07fd832529add3 +OPENSSL_VERSION := 3.1.2 +OPENSSL_MD5 := 1d7861f969505e67b8677e205afd9ff4 OPENSSL := openssl-$(OPENSSL_VERSION) OPENSSL_SUFFIX := tar.gz OPENSSL_URL := \ -- 2.34.1