From: Adolf Belka <adolf.belka@ipfire.org>
Date: Wed, 4 May 2022 10:59:48 +0000 (+0200)
Subject: openssl: Update to version 1.1.1o
X-Git-Tag: v2.27-core170~204
X-Git-Url: http://git.ipfire.org/?p=ipfire-2.x.git;a=commitdiff_plain;h=a694737a131fccbc791ab70693a0da8b1c5d550b

openssl: Update to version 1.1.1o

- Update from version 1.1.1n to 1.1.1o
- Update of rootfile not required
- This patch is to go into CU168 as this update is for fixing a moderate severity CVE
- Changelog
   1.1.1o [3 May 2022]
	    (CVE-2022-1292)
	    Fixed a bug in the c_rehash script which was not properly sanitising shell
	    metacharacters to prevent command injection.  This script is distributed by
	    some operating systems in a manner where it is automatically executed.  On
	    such operating systems, an attacker could execute arbitrary commands with the
	    privileges of the script.
	    Use of the c_rehash script is considered obsolete and should be replaced
	    by the OpenSSL rehash command line tool.

Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Reviewed-by: Peter Müller <peter.mueller@ipfire.org>
---

diff --git a/lfs/openssl b/lfs/openssl
index 2aa0aeb865..a1328fcd09 100644
--- a/lfs/openssl
+++ b/lfs/openssl
@@ -24,7 +24,7 @@
 
 include Config
 
-VER        = 1.1.1n
+VER        = 1.1.1o
 
 THISAPP    = openssl-$(VER)
 DL_FILE    = $(THISAPP).tar.gz
@@ -74,7 +74,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_BLAKE2 = af530258d9f7ca4f1bd1c6c344eb385e766e465c9341dd08797676165f67bbb82d3fd549ed7559dc12fb8c9c4db5e04fa6ec7ab729ec1467f5e8bce469ff5398
+$(DL_FILE)_BLAKE2 = 5bd355fd17adf43ba4e3bf1a8036ceb724edd4f4ab80dc25aecc3d2647372e9db2bc12e2b89791fc4b6f7fd95a7b68e00490d09ca6518d25ab990ee27798e641
 
 install : $(TARGET)