From d51bedcff66259a57ffa82961c6930ee83f60585 Mon Sep 17 00:00:00 2001
From: Rob Austein <sra@hactrn.net>
Date: Mon, 12 Mar 2012 17:32:45 +0000
Subject: CVE-2012-0884 (Bleichenbacher's "Million Message Attack") only
 applies to CMS when used for encryption, so I don't think it's a serious
 issue for RPKI CMS signed data, but upgrade to OpenSSL 1.0.0h anyway.

svn path=/trunk/; revision=4395
---
 openssl/Makefile.in           |   2 +-
 openssl/openssl-1.0.0f.tar.gz | Bin 4043367 -> 0 bytes
 openssl/openssl-1.0.0h.tar.gz | Bin 0 -> 4048067 bytes
 openssl/update-snapshot.sh    |   2 +-
 4 files changed, 2 insertions(+), 2 deletions(-)
 delete mode 100644 openssl/openssl-1.0.0f.tar.gz
 create mode 100644 openssl/openssl-1.0.0h.tar.gz

(limited to 'openssl')

diff --git a/openssl/Makefile.in b/openssl/Makefile.in
index b5085c17..3dd8cfe5 100644
--- a/openssl/Makefile.in
+++ b/openssl/Makefile.in
@@ -1,6 +1,6 @@
 # $Id$
 
-VERSION = 1.0.0f
+VERSION = 1.0.0h
 
 OPENSSL_CONFIG_COMMAND  = @OPENSSL_CONFIG_COMMAND@
 OPENSSL_BUILD_DIRECTORY = ${abs_builddir}/openssl
diff --git a/openssl/openssl-1.0.0f.tar.gz b/openssl/openssl-1.0.0f.tar.gz
deleted file mode 100644
index 7bce05eb..00000000
Binary files a/openssl/openssl-1.0.0f.tar.gz and /dev/null differ
diff --git a/openssl/openssl-1.0.0h.tar.gz b/openssl/openssl-1.0.0h.tar.gz
new file mode 100644
index 00000000..516416bd
Binary files /dev/null and b/openssl/openssl-1.0.0h.tar.gz differ
diff --git a/openssl/update-snapshot.sh b/openssl/update-snapshot.sh
index 94932f59..3320caeb 100755
--- a/openssl/update-snapshot.sh
+++ b/openssl/update-snapshot.sh
@@ -6,7 +6,7 @@
 
 #version="1.0.0-stable-SNAP-$(date +%Y%m%d)"
 
-version="1.0.0f"
+version="1.0.0h"
 
 tarball="openssl-${version}.tar.gz"
 
-- 
cgit v1.2.3