package/libopenssl: security bump version to 3.3.2
Fixes the following security issues:
- CVE-2024-6119: Possible denial of service in X.509 name checks [Moderate
severity]
https://openssl-library.org/news/secadv/20240903.txt
- CVE-2024-5535: SSL_select_next_proto buffer overread [Low severity]
https://openssl-library.org/news/secadv/20240528.txt
Updated _SITE and project URL according to
https://openssl-library.org/post/2024-04-30-releases-distribution-changes/
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
[Peter: add CVE details]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
diff --git a/package/libopenssl/libopenssl.hash b/package/libopenssl/libopenssl.hash
index dd1c99f..52fce1e 100644
--- a/package/libopenssl/libopenssl.hash
+++ b/package/libopenssl/libopenssl.hash
@@ -1,5 +1,5 @@
-# From https://www.openssl.org/source/openssl-3.3.1.tar.gz.sha256
-sha256 777cd596284c883375a2a7a11bf5d2786fc5413255efab20c50d6ffe6d020b7e openssl-3.3.1.tar.gz
+# From https://github.com/openssl/openssl/releases/download/openssl-3.3.2/openssl-3.3.2.tar.gz.sha256
+sha256 2e8a40b01979afe8be0bbfb3de5dc1c6709fedb46d6c89c10da114ab5fc3d281 openssl-3.3.2.tar.gz
# License files
sha256 7d5450cb2d142651b8afa315b5f238efc805dad827d91ba367d8516bc9d49e7a LICENSE.txt
diff --git a/package/libopenssl/libopenssl.mk b/package/libopenssl/libopenssl.mk
index 89a9189..82b924c 100644
--- a/package/libopenssl/libopenssl.mk
+++ b/package/libopenssl/libopenssl.mk
@@ -4,8 +4,8 @@
#
################################################################################
-LIBOPENSSL_VERSION = 3.3.1
-LIBOPENSSL_SITE = https://www.openssl.org/source
+LIBOPENSSL_VERSION = 3.3.2
+LIBOPENSSL_SITE = https://github.com/openssl/openssl/releases/download/openssl-$(LIBOPENSSL_VERSION)
LIBOPENSSL_SOURCE = openssl-$(LIBOPENSSL_VERSION).tar.gz
LIBOPENSSL_LICENSE = Apache-2.0
LIBOPENSSL_LICENSE_FILES = LICENSE.txt
diff --git a/package/openssl/Config.in b/package/openssl/Config.in
index 30db152..d255a05 100644
--- a/package/openssl/Config.in
+++ b/package/openssl/Config.in
@@ -35,7 +35,7 @@
(TLS v1) as well as a full-strength general-purpose
cryptography library.
- http://www.openssl.org/
+ https://openssl-library.org/
Note: Some helper scripts need perl.