From mboxrd@z Thu Jan 1 00:00:00 1970 From: Adolf Belka To: development@lists.ipfire.org Subject: [PATCH] openssl: Update to version 1.1.1o Date: Wed, 04 May 2022 12:59:48 +0200 Message-ID: <20220504105948.3605848-1-adolf.belka@ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============7431915791077382907==" List-Id: --===============7431915791077382907== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable - Update from version 1.1.1n to 1.1.1o - Update of rootfile not required - This patch is to go into CU168 as this update is for fixing a moderate seve= rity CVE - Changelog 1.1.1o [3 May 2022] (CVE-2022-1292) Fixed a bug in the c_rehash script which was not properly sanitising she= ll metacharacters to prevent command injection. This script is distributed= by some operating systems in a manner where it is automatically executed. = On such operating systems, an attacker could execute arbitrary commands wit= h the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Signed-off-by: Adolf Belka --- lfs/openssl | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lfs/openssl b/lfs/openssl index 2aa0aeb86..a1328fcd0 100644 --- a/lfs/openssl +++ b/lfs/openssl @@ -24,7 +24,7 @@ =20 include Config =20 -VER =3D 1.1.1n +VER =3D 1.1.1o =20 THISAPP =3D openssl-$(VER) DL_FILE =3D $(THISAPP).tar.gz @@ -74,7 +74,7 @@ objects =3D $(DL_FILE) =20 $(DL_FILE) =3D $(DL_FROM)/$(DL_FILE) =20 -$(DL_FILE)_BLAKE2 =3D af530258d9f7ca4f1bd1c6c344eb385e766e465c9341dd08797676= 165f67bbb82d3fd549ed7559dc12fb8c9c4db5e04fa6ec7ab729ec1467f5e8bce469ff5398 +$(DL_FILE)_BLAKE2 =3D 5bd355fd17adf43ba4e3bf1a8036ceb724edd4f4ab80dc25aecc3d= 2647372e9db2bc12e2b89791fc4b6f7fd95a7b68e00490d09ca6518d25ab990ee27798e641 =20 install : $(TARGET) =20 --=20 2.36.0 --===============7431915791077382907==--