From 8074eed711092b90ae279fa968545a27d2655fd6 Mon Sep 17 00:00:00 2001
From: Arne Fitzenreiter <arne_f@ipfire.org>
Date: Sat, 12 May 2012 15:30:38 +0200
Subject: [PATCH] openssl: security update to 0.9.8x (CVE-2012-2333).

Invalid TLS/DTLS record attack (CVE-2012-2333)
===============================================

A flaw in the OpenSSL handling of CBC mode ciphersuites in TLS 1.1, 1.2 and
DTLS can be exploited in a denial of service attack on both clients and
servers.

DTLS applications are affected in all versions of OpenSSL. TLS is only
affected in OpenSSL 1.0.1 and later.

Thanks to Codenomicon for discovering this issue using Fuzz-o-Matic fuzzing
as a service testing platform.

The fix was developed by Stephen Henson of the OpenSSL core team.

Affected users should upgrade to OpenSSL 1.0.1c, 1.0.0j or 0.9.8x

References
==========

URL for this Security Advisory:
http://www.openssl.org/news/secadv_20120510.txt
---
 lfs/openssl | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/lfs/openssl b/lfs/openssl
index c58c0487f..9aef173b0 100644
--- a/lfs/openssl
+++ b/lfs/openssl
@@ -24,7 +24,7 @@
 
 include Config
 
-VER        = 0.9.8w
+VER        = 0.9.8x
 
 THISAPP    = openssl-$(VER)
 DL_FILE    = $(THISAPP).tar.gz
@@ -40,7 +40,7 @@ objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_MD5 = 4ceb7d570e42c094b360cc7b8e848a0b
+$(DL_FILE)_MD5 = ee17e9bc805c8cc7d0afac3b0ef78eda
 
 install : $(TARGET)
 
-- 
2.39.2