* [PATCH] openssl: Update to version 1.1.1o
@ 2022-05-04 10:59 Adolf Belka
2022-05-04 19:43 ` Peter Müller
0 siblings, 1 reply; 2+ messages in thread
From: Adolf Belka @ 2022-05-04 10:59 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 1537 bytes --]
- Update from version 1.1.1n to 1.1.1o
- Update of rootfile not required
- This patch is to go into CU168 as this update is for fixing a moderate severity CVE
- Changelog
1.1.1o [3 May 2022]
(CVE-2022-1292)
Fixed a bug in the c_rehash script which was not properly sanitising shell
metacharacters to prevent command injection. This script is distributed by
some operating systems in a manner where it is automatically executed. On
such operating systems, an attacker could execute arbitrary commands with the
privileges of the script.
Use of the c_rehash script is considered obsolete and should be replaced
by the OpenSSL rehash command line tool.
Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org>
---
lfs/openssl | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/lfs/openssl b/lfs/openssl
index 2aa0aeb86..a1328fcd0 100644
--- a/lfs/openssl
+++ b/lfs/openssl
@@ -24,7 +24,7 @@
include Config
-VER = 1.1.1n
+VER = 1.1.1o
THISAPP = openssl-$(VER)
DL_FILE = $(THISAPP).tar.gz
@@ -74,7 +74,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = af530258d9f7ca4f1bd1c6c344eb385e766e465c9341dd08797676165f67bbb82d3fd549ed7559dc12fb8c9c4db5e04fa6ec7ab729ec1467f5e8bce469ff5398
+$(DL_FILE)_BLAKE2 = 5bd355fd17adf43ba4e3bf1a8036ceb724edd4f4ab80dc25aecc3d2647372e9db2bc12e2b89791fc4b6f7fd95a7b68e00490d09ca6518d25ab990ee27798e641
install : $(TARGET)
--
2.36.0
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: [PATCH] openssl: Update to version 1.1.1o
2022-05-04 10:59 [PATCH] openssl: Update to version 1.1.1o Adolf Belka
@ 2022-05-04 19:43 ` Peter Müller
0 siblings, 0 replies; 2+ messages in thread
From: Peter Müller @ 2022-05-04 19:43 UTC (permalink / raw)
To: development
[-- Attachment #1: Type: text/plain, Size: 1680 bytes --]
Reviewed-by: Peter Müller <peter.mueller(a)ipfire.org>
> - Update from version 1.1.1n to 1.1.1o
> - Update of rootfile not required
> - This patch is to go into CU168 as this update is for fixing a moderate severity CVE
> - Changelog
> 1.1.1o [3 May 2022]
> (CVE-2022-1292)
> Fixed a bug in the c_rehash script which was not properly sanitising shell
> metacharacters to prevent command injection. This script is distributed by
> some operating systems in a manner where it is automatically executed. On
> such operating systems, an attacker could execute arbitrary commands with the
> privileges of the script.
> Use of the c_rehash script is considered obsolete and should be replaced
> by the OpenSSL rehash command line tool.
>
> Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org>
> ---
> lfs/openssl | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/lfs/openssl b/lfs/openssl
> index 2aa0aeb86..a1328fcd0 100644
> --- a/lfs/openssl
> +++ b/lfs/openssl
> @@ -24,7 +24,7 @@
>
> include Config
>
> -VER = 1.1.1n
> +VER = 1.1.1o
>
> THISAPP = openssl-$(VER)
> DL_FILE = $(THISAPP).tar.gz
> @@ -74,7 +74,7 @@ objects = $(DL_FILE)
>
> $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
>
> -$(DL_FILE)_BLAKE2 = af530258d9f7ca4f1bd1c6c344eb385e766e465c9341dd08797676165f67bbb82d3fd549ed7559dc12fb8c9c4db5e04fa6ec7ab729ec1467f5e8bce469ff5398
> +$(DL_FILE)_BLAKE2 = 5bd355fd17adf43ba4e3bf1a8036ceb724edd4f4ab80dc25aecc3d2647372e9db2bc12e2b89791fc4b6f7fd95a7b68e00490d09ca6518d25ab990ee27798e641
>
> install : $(TARGET)
>
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2022-05-04 19:43 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-05-04 10:59 [PATCH] openssl: Update to version 1.1.1o Adolf Belka
2022-05-04 19:43 ` Peter Müller
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox