https://www.openssl.org/news/openssl-1.0.2-notes.html
This release fixes various security flaws:
* OCSP Status Request extension unbounded memory growth (CVE-2016-6304)
* SWEET32 Mitigation (CVE-2016-2183)
* OOB write in MDC2_Update() (CVE-2016-6303)
* Malformed SHA512 ticket DoS (CVE-2016-6302)
* OOB write in BN_bn2dec() (CVE-2016-2182)
* OOB read in TS_OBJ_print_bio() (CVE-2016-2180)
* Pointer arithmetic undefined behaviour (CVE-2016-2177)
* Constant time flag not preserved in DSA signing (CVE-2016-2178)
* DTLS buffered message DoS (CVE-2016-2179)
* DTLS replay protection DoS (CVE-2016-2181)
* Certificate message OOB reads (CVE-2016-6306)
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
--- /dev/null
+../../../common/openssl
\ No newline at end of file
include Config
-VER = 1.0.2h
+VER = 1.0.2i
THISAPP = openssl-$(VER)
DL_FILE = $(THISAPP).tar.gz
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_MD5 = 9392e65072ce4b614c1392eefc1f23d0
+$(DL_FILE)_MD5 = 678374e63f8df456a697d3e5e5a931fb
install : $(TARGET)