openssl: security bump to version 1.0.2a

Fixes:
CVE-2015-0291 - ClientHello sigalgs DoS
CVE-2015-0290 - Multiblock corrupted pointer
CVE-2015-0207 - Segmentation fault in DTLSv1_listen
CVE-2015-0286 - Segmentation fault in ASN1_TYPE_cmp
CVE-2015-0208 - Segmentation fault for invalid PSS parameters
CVE-2015-0287 - ASN.1 structure reuse memory corruption
CVE-2015-0289 - PKCS7 NULL pointer dereferences
CVE-2015-0293 - DoS via reachable assert in SSLv2 servers
CVE-2015-1787 - Empty CKE with client auth and DHE
CVE-2015-0285 - Handshake with unseeded PRNG
CVE-2015-0209 - Use After Free following d2i_ECPrivatekey error
CVE-2015-0288 - X509_to_X509_REQ NULL pointer deref

musl patch removed since it's no longer necessary.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

3 files changed, 5 insertions, 51 deletions

diff --git a/package/openssl/004-musl-termios.patch b/package/openssl/004-musl-termios.patch
deleted file mode 100644
index 66631d1129..0000000000
--- a/package/openssl/004-musl-termios.patch
+++ /dev/null
@@ -1,46 +0,0 @@
-http://rt.openssl.org/Ticket/Display.html?id=3123
-
-From:	 Kevin Bortis <pkgs@bortis.ch>
-
-The attached patch fixes issues with musl libc on linux. musl does
-implement the POSIX 2008 standard termios.h on linux and does not
-include the non standard interface termio.h.
-
-The problem with dlinfo does no longer exists, since musl has
-implemented the required interface.
-
-This closes #2823 for me.
-
-Tested version:
-musl libc: 0.9.13
-openssl git: 1769dfab06dcf93a1c310ca7ea9531afcc448d0a
-
-Comparison of termios.h implementation on linux:
-
-glibc 2.17: does implement termios.h, passes make test
-musl 0.9.13: does implement termios.h, passes make test
-uClibc 0.9.33.2: does implement termios.h, not tested
-dietlibc 0.33: does implement termios.h, not tested
-
-I don't know the reason why termio.h is prefered on linux, since
-termios.h is generally prefered and implemented by all major libc
-implementations.
-
-Regards
-Kevin
-
---- a/crypto/ui/ui_openssl.c	2013-09-08 11:00:10.130572803 +0200
-+++ b/crypto/ui/ui_openssl.c	2013-09-08 11:29:35.806580447 +0200
-@@ -190,9 +190,9 @@
- # undef  SGTTY
- #endif
- 
--#if defined(linux) && !defined(TERMIO)
--# undef  TERMIOS
--# define TERMIO
-+#if defined(linux)
-+# define TERMIOS
-+# undef  TERMIO
- # undef  SGTTY
- #endif
- 
diff --git a/package/openssl/openssl.hash b/package/openssl/openssl.hash
index a8cb172005..c9987fca79 100644
--- a/package/openssl/openssl.hash
+++ b/package/openssl/openssl.hash
@@ -1,4 +1,4 @@
-# From https://www.openssl.org/source/openssl-1.0.2.tar.gz.md5
-# From https://www.openssl.org/source/openssl-1.0.2.tar.gz.sha1
-md5 38373013fc85c790aabf8837969c5eba openssl-1.0.2.tar.gz
-sha1 2f264f7f6bb973af444cd9fc6ee65c8588f610cc openssl-1.0.2.tar.gz
+# From https://www.openssl.org/source/openssl-1.0.2a.tar.gz.md5
+# From https://www.openssl.org/source/openssl-1.0.2a.tar.gz.sha1
+md5	a06c547dac9044161a477211049f60ef	openssl-1.0.2a.tar.gz
+sha1	46ecd325b8e587fa491f6bb02ad4a9fb9f382f5f	openssl-1.0.2a.tar.gz
diff --git a/package/openssl/openssl.mk b/package/openssl/openssl.mk
index 48f287e2c1..5ed59c0dad 100644
--- a/package/openssl/openssl.mk
+++ b/package/openssl/openssl.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-OPENSSL_VERSION = 1.0.2
+OPENSSL_VERSION = 1.0.2a
 OPENSSL_SITE = http://www.openssl.org/source
 OPENSSL_LICENSE = OpenSSL or SSLeay
 OPENSSL_LICENSE_FILES = LICENSE