From: Michael Tremer <michael.tremer@ipfire.org>
Date: Thu, 5 Jan 2012 15:04:52 +0000 (+0100)
Subject: openssl: Update to 1.0.0f.
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=9a9d82f688a21cdab40565180caf9a135f954dcd;p=ipfire-3.x.git

openssl: Update to 1.0.0f.

 * DTLS Plaintext Recovery Attack (CVE-2011-4108)
 * Double-free in Policy Checks (CVE-2011-4109)
 * Uninitialized SSL 3.0 Padding (CVE-2011-4576)
 * Malformed RFC 3779 Data Can Cause Assertion Failures (CVE-2011-4577)
 * Affected users should upgrade to OpenSSL 1.0.0f or 0.9.8s.
 * SGC Restart DoS Attack (CVE-2011-4619)

http://www.openssl.org/news/secadv_20120104.txt
---

diff --git a/openssl/openssl.nm b/openssl/openssl.nm
index 39b731acb..1edeeffd2 100644
--- a/openssl/openssl.nm
+++ b/openssl/openssl.nm
@@ -4,8 +4,8 @@
 ###############################################################################
 
 name       = openssl
-version    = 1.0.0e
-release    = 3
+version    = 1.0.0f
+release    = 1
 
 maintainer = Michael Tremer <michael.tremer@ipfire.org>
 groups     = System/Libraries
diff --git a/openssl/patches/openssl-1.0.0e-version.patch b/openssl/patches/openssl-1.0.0f-version.patch
similarity index 57%
rename from openssl/patches/openssl-1.0.0e-version.patch
rename to openssl/patches/openssl-1.0.0f-version.patch
index 0a45f74b0..6c67a5ea3 100644
--- a/openssl/patches/openssl-1.0.0e-version.patch
+++ b/openssl/patches/openssl-1.0.0f-version.patch
@@ -1,22 +1,22 @@
-diff -up openssl-1.0.0e/crypto/opensslv.h.version openssl-1.0.0e/crypto/opensslv.h
---- openssl-1.0.0e/crypto/opensslv.h.version	2011-09-07 13:55:52.000000000 +0200
-+++ openssl-1.0.0e/crypto/opensslv.h	2011-09-07 13:59:28.000000000 +0200
+diff -up openssl-1.0.0f/crypto/opensslv.h.version openssl-1.0.0f/crypto/opensslv.h
+--- openssl-1.0.0f/crypto/opensslv.h.version	2012-01-05 13:28:32.000000000 +0100
++++ openssl-1.0.0f/crypto/opensslv.h	2012-01-05 13:29:37.000000000 +0100
 @@ -25,7 +25,8 @@
   * (Prior to 0.9.5a beta1, a different scheme was used: MMNNFFRBB for
   *  major minor fix final patch/beta)
   */
--#define OPENSSL_VERSION_NUMBER	0x1000005fL
+-#define OPENSSL_VERSION_NUMBER	0x1000006fL
 +/* we have to keep the version number to not break the abi */
 +#define OPENSSL_VERSION_NUMBER	0x10000003
  #ifdef OPENSSL_FIPS
- #define OPENSSL_VERSION_TEXT	"OpenSSL 1.0.0e-fips 6 Sep 2011"
+ #define OPENSSL_VERSION_TEXT	"OpenSSL 1.0.0f-fips 4 Jan 2012"
  #else
 @@ -83,7 +84,7 @@
   * should only keep the versions that are binary compatible with the current.
   */
  #define SHLIB_VERSION_HISTORY ""
 -#define SHLIB_VERSION_NUMBER "1.0.0"
-+#define SHLIB_VERSION_NUMBER "1.0.0e"
++#define SHLIB_VERSION_NUMBER "1.0.0f"
  
  
  #endif /* HEADER_OPENSSLV_H */