- Update from version 1.1.1n to 1.1.1o - Update of rootfile not required - This patch is to go into CU168 as this update is for fixing a moderate severity CVE - Changelog 1.1.1o [3 May 2022] (CVE-2022-1292) Fixed a bug in the c_rehash script which was not properly sanitising shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool.
Signed-off-by: Adolf Belka adolf.belka@ipfire.org --- lfs/openssl | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/lfs/openssl b/lfs/openssl index 2aa0aeb86..a1328fcd0 100644 --- a/lfs/openssl +++ b/lfs/openssl @@ -24,7 +24,7 @@
include Config
-VER = 1.1.1n +VER = 1.1.1o
THISAPP = openssl-$(VER) DL_FILE = $(THISAPP).tar.gz @@ -74,7 +74,7 @@ objects = $(DL_FILE)
$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
-$(DL_FILE)_BLAKE2 = af530258d9f7ca4f1bd1c6c344eb385e766e465c9341dd08797676165f67bbb82d3fd549ed7559dc12fb8c9c4db5e04fa6ec7ab729ec1467f5e8bce469ff5398 +$(DL_FILE)_BLAKE2 = 5bd355fd17adf43ba4e3bf1a8036ceb724edd4f4ab80dc25aecc3d2647372e9db2bc12e2b89791fc4b6f7fd95a7b68e00490d09ca6518d25ab990ee27798e641
install : $(TARGET)