From 928b3cbf66a249236ffa672f66edaf402a54289f Mon Sep 17 00:00:00 2001
From: Michael Tremer <michael.tremer@ipfire.org>
Date: Wed, 21 Nov 2018 11:21:42 +0000
Subject: [PATCH] openssl: Update to 1.1.0j

  *) Timing vulnerability in DSA signature generation

     The OpenSSL DSA signature algorithm has been shown to be vulnerable to a
     timing side channel attack. An attacker could use variations in the signing
     algorithm to recover the private key.

     This issue was reported to OpenSSL on 16th October 2018 by Samuel Weiser.
     (CVE-2018-0734)
     [Paul Dale]

  *) Timing vulnerability in ECDSA signature generation

     The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a
     timing side channel attack. An attacker could use variations in the signing
     algorithm to recover the private key.

     This issue was reported to OpenSSL on 25th October 2018 by Samuel Weiser.
     (CVE-2018-0735)
     [Paul Dale]

  *) Add coordinate blinding for EC_POINT and implement projective
     coordinate blinding for generic prime curves as a countermeasure to
     chosen point SCA attacks.
     [Sohaib ul Hassan, Nicola Tuveri, Billy Bob Brumley]

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
---
 config/rootfiles/common/openssl | 4 ++++
 lfs/openssl                     | 4 ++--
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/config/rootfiles/common/openssl b/config/rootfiles/common/openssl
index 8b26c4b429..f7d6f2fb5b 100644
--- a/config/rootfiles/common/openssl
+++ b/config/rootfiles/common/openssl
@@ -1654,7 +1654,10 @@ usr/lib/libssl.so.1.1
 #usr/share/doc/openssl/html/man3/OCSP_resp_get0_certs.html
 #usr/share/doc/openssl/html/man3/OCSP_resp_get0_id.html
 #usr/share/doc/openssl/html/man3/OCSP_resp_get0_produced_at.html
+#usr/share/doc/openssl/html/man3/OCSP_resp_get0_respdata.html
+#usr/share/doc/openssl/html/man3/OCSP_resp_get0_signature.html
 #usr/share/doc/openssl/html/man3/OCSP_resp_get0_signer.html
+#usr/share/doc/openssl/html/man3/OCSP_resp_get0_tbs_sigalg.html
 #usr/share/doc/openssl/html/man3/OCSP_response_create.html
 #usr/share/doc/openssl/html/man3/OCSP_response_get1_basic.html
 #usr/share/doc/openssl/html/man3/OCSP_response_status.html
@@ -1676,6 +1679,7 @@ usr/lib/libssl.so.1.1
 #usr/share/doc/openssl/html/man3/OPENSSL_LH_stats.html
 #usr/share/doc/openssl/html/man3/OPENSSL_LH_stats_bio.html
 #usr/share/doc/openssl/html/man3/OPENSSL_VERSION_NUMBER.html
+#usr/share/doc/openssl/html/man3/OPENSSL_VERSION_TEXT.html
 #usr/share/doc/openssl/html/man3/OPENSSL_atexit.html
 #usr/share/doc/openssl/html/man3/OPENSSL_buf2hexstr.html
 #usr/share/doc/openssl/html/man3/OPENSSL_cleanse.html
diff --git a/lfs/openssl b/lfs/openssl
index 94a08b97db..d7a616ff24 100644
--- a/lfs/openssl
+++ b/lfs/openssl
@@ -24,7 +24,7 @@
 
 include Config
 
-VER        = 1.1.0i
+VER        = 1.1.0j
 
 THISAPP    = openssl-$(VER)
 DL_FILE    = $(THISAPP).tar.gz
@@ -87,7 +87,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_MD5 = 9495126aafd2659d357ea66a969c3fe1
+$(DL_FILE)_MD5 = b4ca5b78ae6ae79da80790b30dbedbdc
 
 install : $(TARGET)
 
-- 
2.39.5