diff options
author | Eneas U de Queiroz <cotequeiroz@gmail.com> | 2019-09-17 10:52:11 -0300 |
---|---|---|
committer | Hans Dedecker <dedeckeh@gmail.com> | 2019-09-19 21:28:53 +0200 |
commit | d868d0a5d7e1d76bb1a8980346d222fae55fa18b (patch) | |
tree | fa505ae31a91c2e33b0941bb1561d9a144c74a12 /package/libs/openssl/patches/400-eng_devcrypto-save-ioctl-if-EVP_MD_.FLAG_ONESHOT.patch | |
parent | ce536aeb3958dd305f4156f5ed55fd02f2e49736 (diff) | |
download | upstream-d868d0a5d7e1d76bb1a8980346d222fae55fa18b.tar.gz upstream-d868d0a5d7e1d76bb1a8980346d222fae55fa18b.tar.bz2 upstream-d868d0a5d7e1d76bb1a8980346d222fae55fa18b.zip |
openssl: bump to 1.1.1d
This version fixes 3 low-severity vulnerabilities:
- CVE-2019-1547: ECDSA remote timing attack
- CVE-2019-1549: Fork Protection
- CVE-2019-1563: Padding Oracle in PKCS7_dataDecode and
CMS_decrypt_set1_pkey
Patches were refreshed.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Diffstat (limited to 'package/libs/openssl/patches/400-eng_devcrypto-save-ioctl-if-EVP_MD_.FLAG_ONESHOT.patch')
-rw-r--r-- | package/libs/openssl/patches/400-eng_devcrypto-save-ioctl-if-EVP_MD_.FLAG_ONESHOT.patch | 10 |
1 files changed, 6 insertions, 4 deletions
diff --git a/package/libs/openssl/patches/400-eng_devcrypto-save-ioctl-if-EVP_MD_.FLAG_ONESHOT.patch b/package/libs/openssl/patches/400-eng_devcrypto-save-ioctl-if-EVP_MD_.FLAG_ONESHOT.patch index ebc4aa988f..84c68b16a2 100644 --- a/package/libs/openssl/patches/400-eng_devcrypto-save-ioctl-if-EVP_MD_.FLAG_ONESHOT.patch +++ b/package/libs/openssl/patches/400-eng_devcrypto-save-ioctl-if-EVP_MD_.FLAG_ONESHOT.patch @@ -1,7 +1,7 @@ -From 48e2c9202ea345347da91f4c583e5915eb010d50 Mon Sep 17 00:00:00 2001 +From f14345422747a495a52f9237a43b8be189f21912 Mon Sep 17 00:00:00 2001 From: Eneas U de Queiroz <cote2004-github@yahoo.com> Date: Mon, 5 Nov 2018 15:54:17 -0200 -Subject: [PATCH 1/4] eng_devcrypto: save ioctl if EVP_MD_..FLAG_ONESHOT +Subject: eng_devcrypto: save ioctl if EVP_MD_..FLAG_ONESHOT Since each ioctl causes a context switch, slowing things down, if EVP_MD_CTX_FLAG_ONESHOT is set, then: @@ -14,6 +14,8 @@ Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/7585) +diff --git a/crypto/engine/eng_devcrypto.c b/crypto/engine/eng_devcrypto.c +index a727c6f646..a2c9a966f7 100644 --- a/crypto/engine/eng_devcrypto.c +++ b/crypto/engine/eng_devcrypto.c @@ -461,6 +461,7 @@ struct digest_ctx { @@ -24,7 +26,7 @@ Reviewed-by: Richard Levitte <levitte@openssl.org> }; static const struct digest_data_st { -@@ -564,12 +565,15 @@ static int digest_update(EVP_MD_CTX *ctx +@@ -564,12 +565,15 @@ static int digest_update(EVP_MD_CTX *ctx, const void *data, size_t count) if (digest_ctx == NULL) return 0; @@ -44,7 +46,7 @@ Reviewed-by: Richard Levitte <levitte@openssl.org> } static int digest_final(EVP_MD_CTX *ctx, unsigned char *md) -@@ -579,7 +583,10 @@ static int digest_final(EVP_MD_CTX *ctx, +@@ -579,7 +583,10 @@ static int digest_final(EVP_MD_CTX *ctx, unsigned char *md) if (md == NULL || digest_ctx == NULL) return 0; |