openwrt/package
Andre Heider eb7d2abbf0 openssl: bump to 1.1.1p
Changes between 1.1.1o and 1.1.1p [21 Jun 2022]

  *) In addition to the c_rehash shell command injection identified in
     CVE-2022-1292, further bugs where the c_rehash script does not
     properly sanitise shell metacharacters to prevent command injection have been
     fixed.

     When the CVE-2022-1292 was fixed it was not discovered that there
     are other places in the script where the file names of certificates
     being hashed were possibly passed to a command executed through the shell.

     This script is distributed by some operating systems in a manner where
     it is automatically executed.  On such operating systems, an attacker
     could execute arbitrary commands with the privileges of the script.

     Use of the c_rehash script is considered obsolete and should be replaced
     by the OpenSSL rehash command line tool.
     (CVE-2022-2068)
     [Daniel Fiala, Tomáš Mráz]

  *) When OpenSSL TLS client is connecting without any supported elliptic
     curves and TLS-1.3 protocol is disabled the connection will no longer fail
     if a ciphersuite that does not use a key exchange based on elliptic
     curves can be negotiated.
     [Tomáš Mráz]

Signed-off-by: Andre Heider <a.heider@gmail.com>
2022-07-04 23:03:09 +02:00
..
base-files failsafe: run on all consoles listed in /proc/cmdline 2022-06-19 12:40:30 +02:00
boot ramips: add support for Beeline SmartBox GIGA 2022-07-03 20:25:38 +02:00
devel strace: update to 5.18 2022-07-03 22:16:43 +02:00
firmware wireless-regdb: bump to 2022.06.06 2022-06-11 16:03:14 +03:00
kernel mac80211: Add DRIVER_11AX_SUPPORT dependency to mac80211-hwsim and iwlwifi 2022-07-03 20:48:44 +02:00
libs openssl: bump to 1.1.1p 2022-07-04 23:03:09 +02:00
network xdp-tools: add package 2022-07-04 18:36:03 +01:00
system opkg: update to 2022-02-24 2022-06-27 00:57:15 +02:00
utils f2fs-tools: import patch to fix compilation 2022-07-04 20:24:06 +02:00
Makefile build: fix opkg install step for large package selection 2021-05-12 11:13:53 +02:00