298977887/lede
1
0
Fork 0
mirror of https://github.com/coolsnowwolf/lede.git synced 2025-04-16 04:13:31 +00:00
Code Issues Packages Projects Releases Wiki Activity

openssl: update to 3.0.15

Browse Source 
OpenSSL 3.0.15 is a security patch release.
The most severe CVE fixed in this release is Moderate.

This release incorporates the following bug fixes and mitigations:

  * Fixed possible denial of service in X.509 name checks (CVE-2024-6119)

  * Fixed possible buffer overread in SSL_select_next_proto() (CVE-2024-5535)

Added github releases url as source mirror

Signed-off-by: Ivan Pavlov <AuthorReflex@gmail.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This commit is contained in:
Ivan Pavlov 2024-09-05 11:21:57 +03:00
parent dcb074e9d3
commit a45c291927
1 changed files with 5 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
package/libs/openssl/Makefile
View File

@ -8,7 +8,7 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=openssl
PKG_VERSION:=3.0.14
PKG_VERSION:=3.0.15
PKG_RELEASE:=1
PKG_USE_MIPS16:=0
PKG_BUILD_FLAGS:=gc-sections no-lto
@ -17,17 +17,9 @@ PKG_BUILD_PARALLEL:=1
PKG_BASE:=$(subst $(space),.,$(wordlist 1,2,$(subst .,$(space),$(PKG_VERSION))))
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:= \
https://mirrors.tencent.com/openssl/source/ \
https://mirrors.tencent.com/openssl/source/old/$(PKG_BASE)/ \
https://www.openssl.org/source/ \
https://www.openssl.org/source/old/$(PKG_BASE)/ \
https://ftp.fi.muni.cz/pub/openssl/source/ \
https://ftp.fi.muni.cz/pub/openssl/source/old/$(PKG_BASE)/ \
ftp://ftp.pca.dfn.de/pub/tools/net/openssl/source/ \
ftp://ftp.pca.dfn.de/pub/tools/net/openssl/source/old/$(PKG_BASE)/
PKG_SOURCE_URL:=https://github.com/openssl/openssl/releases/download/$(PKG_NAME)-$(PKG_VERSION)/
PKG_HASH:=eeca035d4dd4e84fc25846d952da6297484afa0650a6f84c682e39df3a4123ca
PKG_HASH:=23c666d0edf20f14249b3d8f0368acaee9ab585b09e1de82107c66e1f3ec9533
PKG_LICENSE:=Apache-2.0
PKG_LICENSE_FILES:=LICENSE
@ -409,9 +401,7 @@ define Package/libopenssl/install
chmod 0700 $(1)/etc/ssl/private
$(INSTALL_DIR) $(1)/usr/lib
$(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/lib/libcrypto.so.* $(1)/usr/lib/
$(LN) libcrypto.so.3 $(1)/usr/lib/libcrypto.so.1.1
$(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/lib/libssl.so.* $(1)/usr/lib/
$(LN) libssl.so.3 $(1)/usr/lib/libssl.so.1.1
$(if $(CONFIG_OPENSSL_ENGINE),$(INSTALL_DIR) $(1)/usr/lib/$(ENGINES_DIR))
endef
@ -421,6 +411,8 @@ define Package/libopenssl-conf/install
$(INSTALL_BIN) ./files/openssl.init $(1)/etc/init.d/openssl
$(SED) 's!%ENGINES_DIR%!/usr/lib/$(ENGINES_DIR)!' $(1)/etc/init.d/openssl
touch $(1)/etc/config/openssl
$(if $(CONFIG_OPENSSL_ENGINE),,
$(SED) 's!engines = engines_sect!#&!' $(1)/etc/ssl/openssl.cnf)
$(if $(CONFIG_OPENSSL_ENGINE_BUILTIN_DEVCRYPTO),
$(CP) ./files/devcrypto.cnf $(1)/etc/ssl/modules.cnf.d/
echo -e "config engine 'devcrypto'\n\toption enabled '1'\n\toption builtin '1'" >> $(1)/etc/config/openssl)