Re: [OpenWrt-Devel] [PATCH] openssl: version bump
On 06/06/2014 01:00, Florian Fainelli wrote: On Jun 5, 2014 2:54 PM, joerg jungermann j...@borkum.net mailto:j...@borkum.net wrote: today appeared another serious vulnerability in openssl. More info is here http://ccsinjection.lepidum.co.jp. Users are advised to update to openssl 1.0.1h. Thank you for your patch, it was committed in r41026 and 41027. Will there be a backport to AA 12.09? There has been one just applied in r41027 i'll kick the release-builder once i've had breakfast best regards -- Joerg Jungermann ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org mailto:openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [PATCH] openssl: version bump
Hi, On Thu, Jun 05, 2014 at 11:54:40PM +0200, joerg jungermann wrote: today appeared another serious vulnerability in openssl. More info is here http://ccsinjection.lepidum.co.jp. Users are advised to update to openssl 1.0.1h. Thank you for your patch, it was committed in r41026 and 41027. Will there be a backport to AA 12.09? Seconded - that would be very welcome (because OpenVPN is vulnerable to CVE-2014-0224). gert -- USENET is *not* the non-clickable part of WWW! //www.muc.de/~gert/ Gert Doering - Munich, Germany g...@greenie.muc.de fax: +49-89-35655025g...@net.informatik.tu-muenchen.de pgpKjTwnFL2Wa.pgp Description: PGP signature ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH] openssl: version bump
Hello, today appeared another serious vulnerability in openssl. More info is here http://ccsinjection.lepidum.co.jp. Users are advised to update to openssl 1.0.1h. Signed-off-by: Martin Strbacka martin.strba...@nic.cz --- diff --git a/package/libs/openssl/Makefile b/package/libs/openssl/Makefile index 26833a3..fff260b 100644 --- a/package/libs/openssl/Makefile +++ b/package/libs/openssl/Makefile @@ -8,7 +8,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=openssl -PKG_VERSION:=1.0.1g +PKG_VERSION:=1.0.1h PKG_RELEASE:=1 PKG_USE_MIPS16:=0 @@ -18,7 +18,7 @@ PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=http://www.openssl.org/source/ \ ftp://ftp.funet.fi/pub/crypt/mirrors/ftp.openssl.org/source \ ftp://ftp.sunet.se/pub/security/tools/net/openssl/source/ -PKG_MD5SUM:=de62b43dfcd858e66a74bee1c834e959 +PKG_MD5SUM:=8d6d684a9430d5cc98a62a5d8fbda8cf PKG_LICENSE:=SSLEAY OPENSSL PKG_LICENSE_FILES:=LICENSE ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [PATCH] openssl: version bump
On 06/05/2014 03:13 PM, Martin Strbačka wrote: Hello, today appeared another serious vulnerability in openssl. More info is here http://ccsinjection.lepidum.co.jp. Users are advised to update to openssl 1.0.1h. Signed-off-by: Martin Strbacka martin.strba...@nic.cz --- Thank you for your patch, it was committed in r41026 and 41027. Hauke ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [PATCH] openssl: version bump
today appeared another serious vulnerability in openssl. More info is here http://ccsinjection.lepidum.co.jp. Users are advised to update to openssl 1.0.1h. Thank you for your patch, it was committed in r41026 and 41027. Will there be a backport to AA 12.09? best regards -- Joerg Jungermann ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [PATCH] openssl: version bump
On Jun 5, 2014 2:54 PM, joerg jungermann j...@borkum.net wrote: today appeared another serious vulnerability in openssl. More info is here http://ccsinjection.lepidum.co.jp. Users are advised to update to openssl 1.0.1h. Thank you for your patch, it was committed in r41026 and 41027. Will there be a backport to AA 12.09? There has been one just applied in r41027 best regards -- Joerg Jungermann ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel