From a8366ef743742ac25bda40c57e793ae6c4662268 Mon Sep 17 00:00:00 2001
From: Arne Fitzenreiter <arne_f@ipfire.org>
Date: Tue, 24 Aug 2021 22:17:06 +0200
Subject: [PATCH] openssl: update to 1.1.1k

This update fix:
SM2 Decryption Buffer Overflow (CVE-2021-3711)
Read buffer overruns processing ASN.1 strings (CVE-2021-3712)
https://www.openssl.org/news/secadv/20210824.txt

Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
---
 config/rootfiles/common/openssl | 2 ++
 lfs/openssl                     | 6 +++---
 2 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/config/rootfiles/common/openssl b/config/rootfiles/common/openssl
index 9896702620..89c66adf0c 100644
--- a/config/rootfiles/common/openssl
+++ b/config/rootfiles/common/openssl
@@ -599,6 +599,7 @@ usr/lib/libssl.so.1.1
 #usr/share/doc/openssl/html/man3/BN_RECP_CTX_free.html
 #usr/share/doc/openssl/html/man3/BN_RECP_CTX_new.html
 #usr/share/doc/openssl/html/man3/BN_RECP_CTX_set.html
+#usr/share/doc/openssl/html/man3/BN_abs_is_word.html
 #usr/share/doc/openssl/html/man3/BN_add.html
 #usr/share/doc/openssl/html/man3/BN_add_word.html
 #usr/share/doc/openssl/html/man3/BN_bin2bn.html
@@ -4570,6 +4571,7 @@ usr/lib/libssl.so.1.1
 #usr/share/man/man3/BN_RECP_CTX_free.3
 #usr/share/man/man3/BN_RECP_CTX_new.3
 #usr/share/man/man3/BN_RECP_CTX_set.3
+#usr/share/man/man3/BN_abs_is_word.3
 #usr/share/man/man3/BN_add.3
 #usr/share/man/man3/BN_add_word.3
 #usr/share/man/man3/BN_bin2bn.3
diff --git a/lfs/openssl b/lfs/openssl
index c56c24af04..e9a4223151 100644
--- a/lfs/openssl
+++ b/lfs/openssl
@@ -1,7 +1,7 @@
 ###############################################################################
 #                                                                             #
 # IPFire.org - A linux based firewall                                         #
-# Copyright (C) 2007-2020  IPFire Team  <info@ipfire.org>                     #
+# Copyright (C) 2007-2021  IPFire Team  <info@ipfire.org>                     #
 #                                                                             #
 # This program is free software: you can redistribute it and/or modify        #
 # it under the terms of the GNU General Public License as published by        #
@@ -24,7 +24,7 @@
 
 include Config
 
-VER        = 1.1.1k
+VER        = 1.1.1l
 
 THISAPP    = openssl-$(VER)
 DL_FILE    = $(THISAPP).tar.gz
@@ -78,7 +78,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_MD5 = c4e7d95f782b08116afa27b30393dd27
+$(DL_FILE)_MD5 = ac0d4387f3ba0ad741b0580dd45f6ff3
 
 install : $(TARGET)
 
-- 
2.39.2