CVE-2012-0884 (Bleichenbacher's "Million Message Attack") only applies

to CMS when used for encryption, so I don't think it's a serious issue
for RPKI CMS signed data, but upgrade to OpenSSL 1.0.0h anyway.

svn path=/trunk/; revision=4395

4 files changed, 2 insertions, 2 deletions

diff --git a/openssl/Makefile.in b/openssl/Makefile.in
index b5085c17..3dd8cfe5 100644
--- a/openssl/Makefile.in
+++ b/openssl/Makefile.in
@@ -1,6 +1,6 @@
 # $Id$
 
-VERSION = 1.0.0f
+VERSION = 1.0.0h
 
 OPENSSL_CONFIG_COMMAND  = @OPENSSL_CONFIG_COMMAND@
 OPENSSL_BUILD_DIRECTORY = ${abs_builddir}/openssl
diff --git a/openssl/openssl-1.0.0f.tar.gz b/openssl/openssl-1.0.0f.tar.gz
deleted file mode 100644
index 7bce05eb..00000000
--- a/openssl/openssl-1.0.0f.tar.gz
+++ /dev/null
diff --git a/openssl/openssl-1.0.0h.tar.gz b/openssl/openssl-1.0.0h.tar.gz
new file mode 100644
index 00000000..516416bd
--- /dev/null
+++ b/openssl/openssl-1.0.0h.tar.gz
diff --git a/openssl/update-snapshot.sh b/openssl/update-snapshot.sh
index 94932f59..3320caeb 100755
--- a/openssl/update-snapshot.sh
+++ b/openssl/update-snapshot.sh
@@ -6,7 +6,7 @@
 
 #version="1.0.0-stable-SNAP-$(date +%Y%m%d)"
 
-version="1.0.0f"
+version="1.0.0h"
 
 tarball="openssl-${version}.tar.gz"