From: Elan Ruusamäe <glen@delfi.ee>
Date: Thu, 22 Sep 2016 17:58:56 +0000 (+0300)
Subject: OpenSSL 1.0.2i [22 Sep 2016]; SWEET32 mitigation and typical CVE fixes
X-Git-Tag: auto/ac/openssl-1.0.2i-1
X-Git-Url: https://git.pld-linux.org/?p=packages%2Fopenssl.git;a=commitdiff_plain;h=02ab006

OpenSSL 1.0.2i [22 Sep 2016]; SWEET32 mitigation and typical CVE fixes

- OCSP Status Request extension unbounded memory growth (CVE-2016-6304)
- SWEET32 Mitigation (CVE-2016-2183)
- OOB write in MDC2_Update() (CVE-2016-6303)
- Malformed SHA512 ticket DoS (CVE-2016-6302)
- OOB write in BN_bn2dec() (CVE-2016-2182)
- OOB read in TS_OBJ_print_bio() (CVE-2016-2180)
- Pointer arithmetic undefined behaviour (CVE-2016-2177)
- Constant time flag not preserved in DSA signing (CVE-2016-2178)
- DTLS buffered message DoS (CVE-2016-2179)
- DTLS replay protection DoS (CVE-2016-2181)
- Certificate message OOB reads (CVE-2016-6306)

https://www.openssl.org/news/openssl-1.0.2-notes.html
---

diff --git a/openssl.spec b/openssl.spec
index 23ccce1..0d140d6 100644
--- a/openssl.spec
+++ b/openssl.spec
@@ -30,7 +30,7 @@ License:	Apache-like
 Group:		Libraries
 %if %{without snap}
 Source0:	https://www.openssl.org/source/%{name}-%{version}.tar.gz
-# Source0-md5:	9392e65072ce4b614c1392eefc1f23d0
+# Source0-md5:	678374e63f8df456a697d3e5e5a931fb
 %else
 Source1:	https://github.com/openssl/openssl/archive/OpenSSL_1_0_2-stable/%{name}-%{version}-dev.tar.gz
 %endif