buildroot/package/libopenssl, branch 2019.02-op-build

package/libopenssl: add runtime fixes for tor

2019-02-10T09:50:36+00:00

For details see https://bugs.archlinux.org/task/61623 Signed-off-by: Bernd Kuhls Signed-off-by: Peter Korsgaard

package/libopenssl: renumber patches

2019-02-09T11:41:52+00:00

Signed-off-by: Bernd Kuhls Signed-off-by: Peter Korsgaard

package/libopenssl: m68x use SMALL_FOOTPRINT mode

2019-02-08T21:39:50+00:00

OPENSSL_SMALL_FOOTPRINT mode selects alternate paths in the sha512 and blake2 algorithms which resolves a assembler issue like the following. /tmp/ccfnLhKQ.s: Assembler messages: /tmp/ccfnLhKQ.s:11167: Error: value -32790 out of range make[2]: *** [crypto/blake2/blake2b.o] Error 1 This issue was found after the OpenSSL1.1.x bump. Fixes http://autobuild.buildroot.net/results/533e817695cde321b725145112cfd83c092d9d75 Upstream ticket https://github.com/openssl/openssl/issues/8190 Signed-off-by: Matthew Weber Signed-off-by: Peter Korsgaard

libopenssl: bump version to 1.1.1a

2019-02-04T20:57:54+00:00

- use BR2_TOOLCHAIN_HAS_UCONTEXT This is used to set -DOPENSSL_NO_ASYNC if needed. - apply the CFLAGS correctly when compiling with -Os (bugfix). - use -latomic when needed This fixes the build for br-sparc-uclibc-2018.05 - don't use madvise() if no MMU Trying to do so results in undefined reference to madvise() as it is not available on uclibc without MMU. The original openssl code checks if a macro used in the madvise call is defined. The problem comes from the fact that the code in crypto/mem_sec.c also includes a kernel header defining the same macro unconditionally. Thus the check is always true in that case. Upstream: https://github.com/openssl/openssl/pull/8089 - don't compile test/fuzzers These binaries introduced with 1.1.x sometimes do not compile. This is the case with the br-arm-cortex-m4-full toolchain - don't build ocsp daemon if no MMU. Patch from Richard Levitte. - correctly enable cryptodev engine Thanks to Arnout Vandecappelle for spotting this. - remove all parallel build patches (openssl build-system changed) - rebased 0001-Dont-waste-time-building-manpages-if-we-re-not-going.patch to apply to Configurations/unix-Makefile.tmpl (Makefile template) - removed 0002-cryptodev-Fix-issue-with-signature-generation.patch (upstream applied) - rebased 0003-Reproducible-build-do-not-leak-compiler-path.patch to apply to crypto/build.info (Makefile template) - fix musl/uclibc build failure, use '-DOPENSSL_NO_ASYNC' - remove legacy enable-tlsext configure option - remove target/host libdir configure options, fixes openssl.pc installation path, fixes wget compile - change legacy INSTALL_PREFIX to DESTDIR - remove 'libraries gets installed read only, so strip fails' workaround (not needed anymore) - change engine directory from /usr/lib/engines to /usr/lib/engines-1.1 - change license file hash, no license change, only the following hint was removed: Actually both licenses are BSD-style Open Source licenses. In case of any license issues related to OpenSSL please contact openssl-core@openssl.org. Signed-off-by: Peter Seiderer Tested-by: Ryan Coe Signed-off-by: Vadim Kochan Signed-off-by: Patrick Havelange Signed-off-by: Peter Korsgaard

package/libopenssl: use HTTPS for URL

2018-12-10T10:42:14+00:00

The host forces HTTPS regardless. This can be seen in the build logs: >>> host-libopenssl 1.0.2q Downloading URL transformed to HTTPS due to an HSTS policy --2018-12-10 09:53:27-- https://www.openssl.org/source/openssl-1.0.2q.tar.gz Signed-off-by: Joel Stanley Signed-off-by: Thomas Petazzoni

libopenssl: security bump to version 1.0.2q

2018-11-29T15:29:46+00:00

Fixes the following security vulnerabilities: *) Microarchitecture timing vulnerability in ECC scalar multiplication OpenSSL ECC scalar multiplication, used in e.g. ECDSA and ECDH, has been shown to be vulnerable to a microarchitecture timing side channel attack. An attacker with sufficient access to mount local timing attacks during ECDSA signature generation could recover the private key. This issue was reported to OpenSSL on 26th October 2018 by Alejandro Cabrera Aldaya, Billy Brumley, Sohaib ul Hassan, Cesar Pereida Garcia and Nicola Tuveri. (CVE-2018-5407) [Billy Brumley] *) Timing vulnerability in DSA signature generation The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. This issue was reported to OpenSSL on 16th October 2018 by Samuel Weiser. (CVE-2018-0734) [Paul Dale] For more information, see the changelog: https://www.openssl.org/news/cl102.txt Signed-off-by: Peter Korsgaard

package/libopenssl: security bump to version 1.0.2p

2018-08-17T07:03:44+00:00

Fixes CVE-2018-0732 & CVE-2018-0737: https://www.openssl.org/news/vulnerabilities.html Added upstream sha1 hash. Signed-off-by: Bernd Kuhls Signed-off-by: Peter Korsgaard

libopenssl: security bump to version 1.0.2o

2018-03-30T06:27:00+00:00

Fixes the following security issues: Constructed ASN.1 types with a recursive definition could exceed the stack (CVE-2018-0739) Constructed ASN.1 types with a recursive definition (such as can be found in PKCS7) could eventually exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. There are no such structures used within SSL/TLS that come from untrusted sources so this is considered safe. Incorrect CRYPTO_memcmp on HP-UX PA-RISC (CVE-2018-0733) Because of an implementation bug the PA-RISC CRYPTO_memcmp function is effectively reduced to only comparing the least significant bit of each byte. This allows an attacker to forge messages that would be considered as authenticated in an amount of tries lower than that guaranteed by the security claims of the scheme. The module can only be compiled by the HP-UX assembler, so that only HP-UX PA-RISC targets are affected. rsaz_1024_mul_avx2 overflow bug on x86_64 (CVE-2017-3738) This issue has been reported in a previous OpenSSL security advisory and a fix was provided for OpenSSL 1.0.2. Due to the low severity no fix was released at that time for OpenSSL 1.1.0. The fix is now available in OpenSSL 1.1.0h. There is an overflow bug in the AVX2 Montgomery multiplication procedure used in exponentiation with 1024-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH1024 are considered just feasible, because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH1024 private key among multiple clients, which is no longer an option since CVE-2016-0701. This only affects processors that support the AVX2 but not ADX extensions like Intel Haswell (4th generation). For more details, see https://www.openssl.org/news/secadv/20180327.txt The copyright year changed in LICENSE, so adjust the hash to match. Signed-off-by: Peter Korsgaard

libopenssl: do not leak the compiler path (reproducible builds)

2018-01-08T20:06:56+00:00

Signed-off-by: Peter Seiderer Signed-off-by: Thomas Petazzoni

package/libopenssl: security bump to version 1.0.2n

2017-12-10T19:56:15+00:00

Fixes CVE-2017-3737 & CVE-2017-3738: https://www.openssl.org/news/secadv/20171207.txt Added license hash. Signed-off-by: Bernd Kuhls Signed-off-by: Peter Korsgaard