
openssl: Updated (1.0.1j -> 1.0.1k) SECURITY! See note.

This update solves eight security issues, namely:
1. DTLS segmentation fault in dtls1_get_record (CVE-2014-3571)
2. DTLS memory leak in dtls1_buffer_record (CVE-2015-0206)
3. no-ssl3 configuration sets method to NULL (CVE-2014-3569)
4. ECDHE silently downgrades to ECDH [Client] (CVE-2014-3572)
5. RSA silently downgrades to EXPORT_RSA [Client] (CVE-2015-0204)
6. DH client certificates accepted without verification [Server] (CVE-2015-0205)
7. Certificate fingerprints can be modified (CVE-2014-8275)
8. Bignum squaring may produce incorrect results (CVE-2014-3570)

URL for this Security Advisory:
https://www.openssl.org/news/secadv_20150108.txt
master
Nagy Karoly Gabriel 10 years ago
parent
commit
879991d3c5
6
security/openssl/openssl.desc

@ -2,7 +2,7 @@
[COPY] This copyright note is auto-generated by ./scripts/Create-CopyPatch.
[COPY]
[COPY] Filename: package/.../openssl/openssl.desc
[COPY] Copyright (C) 2006 - 2014 The OpenSDE Project
[COPY] Copyright (C) 2006 - 2015 The OpenSDE Project
[COPY] Copyright (C) 2004 - 2006 The T2 SDE Project
[COPY] Copyright (C) 1998 - 2003 Clifford Wolf
[COPY]
@ -35,7 +35,7 @@
[L] OpenSource
[S] Stable
[V] 1.0.1j
[V] 1.0.1k
[P] X -?-3-5---9 104.600
[D] 308977037 openssl-1.0.1j.tar.gz http://www.openssl.org/source/
[D] 3535569651 openssl-1.0.1k.tar.gz http://www.openssl.org/source/
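Review bot: the new [D] line for openssl-1.0.1k.tar.gz still downloads from http://www.openssl.org/source/ and pins the tarball only with a 10-digit decimal checksum (3535569651), which is too short to be a cryptographic digest, so a tarball altered in transit is not reliably detected. For a security update, suggest switching the source URL to https://www.openssl.org/source/ (the commit message already cites the advisory over https) and stating in the commit message that the tarball was checked against the digest or signature published upstream before this checksum was recorded.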
