On 13-03-28 09:15 AM, David Woodhouse wrote: > > Does it still have the horribly broken OpenSSL 1.0.1d release? That was > *very* quickly superseded by 1.0.1e, and then some fixes on top of that. > It would be a shame to ship 1.0.1d; better to have stuck with 1.0.1c > than that!
The very last commit even: https://dev.openwrt.org/changeset/36088/branches/attitude_adjustment Message: AA: backport openssl update from r35600 where r35600 is: Message: openssl: update OpenSSL to 1.0.1e, fix Cisco DTLS. 1.0.1d had a rushed fix for CVE-2013-0169 which broke in certain circumstances. 1.0.1e has the fix for TLS. Also include a further patch from the 1.0.1 branch which fixes the breakage this introduced for Cisco's outdated pre-standard version of DTLS, as used by OpenConnect. Update mirror URLs to reflect current reality. Signed-off-by: David Woodhouse <David.Woodhouse@…> Signed-off-by: Florian Fainelli <florian@…> Cheers, b.
signature.asc
Description: OpenPGP digital signature
_______________________________________________ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
