From 76f422025ffe1baed977b5c8e1f072e5981e46ff Mon Sep 17 00:00:00 2001
From: Michael Tremer <michael.tremer@ipfire.org>
Date: Tue, 27 Mar 2018 16:05:07 +0100
Subject: [PATCH] openssl: Update to 1.0.2o

CVE-2018-0739 (OpenSSL advisory) [Moderate severity] 27 March 2018:

Constructed ASN.1 types with a recursive definition (such as can be
found in PKCS7) could eventually exceed the stack given malicious
input with excessive recursion. This could result in a Denial Of
Service attack. There are no such structures used within SSL/TLS
that come from untrusted sources so this is considered safe.
Reported by OSS-fuzz.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
---
 lfs/openssl-compat | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/lfs/openssl-compat b/lfs/openssl-compat
index 188baa0732..9e991b4960 100644
--- a/lfs/openssl-compat
+++ b/lfs/openssl-compat
@@ -24,7 +24,7 @@
 
 include Config
 
-VER        = 1.0.2n
+VER        = 1.0.2o
 
 THISAPP    = openssl-$(VER)
 DL_FILE    = $(THISAPP).tar.gz
@@ -84,7 +84,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_MD5 = 13bdc1b1d1ff39b6fd42a255e74676a4
+$(DL_FILE)_MD5 = 44279b8557c3247cbe324e2322ecd114
 
 install : $(TARGET)
 
-- 
2.39.5