gitian: upgrade OpenSSL to 1.0.1h

Upgrade for https://www.openssl.org/news/secadv_20140605.txt

Just in case - there is no vulnerability that affects ecdsa signing or
verification.

The MITM attack vulnerability (CVE-2014-0224) may have some effect on
our usage of SSL/TLS.

As long as payment requests are signed (which is the common case), usage
of the payment protocol should also not be affected.

The TLS usage in RPC may be at risk for MITM attacks. If you have
`-rpcssl` enabled, be sure to update OpenSSL as soon as possible.
This commit is contained in:
Wladimir J. van der Laan
2014-06-05 15:44:35 +02:00
parent a92aded70e
commit 6e7c4d17d8
9 changed files with 36 additions and 36 deletions

View File

@@ -14,7 +14,7 @@ packages:
reference_datetime: "2011-01-30 00:00:00"
remotes: []
files:
- "openssl-1.0.1g.tar.gz"
- "openssl-1.0.1h.tar.gz"
- "db-4.8.30.NC.tar.gz"
- "miniupnpc-1.9.tar.gz"
- "zlib-1.2.8.tar.gz"
@@ -28,7 +28,7 @@ script: |
INDIR=$HOME/build
TEMPDIR=$HOME/tmp
# Input Integrity Check
echo "53cb818c3b90e507a8348f4f5eaedb05d8bfe5358aabb508b7263cc670c3e028 openssl-1.0.1g.tar.gz" | sha256sum -c
echo "9d1c8a9836aa63e2c6adb684186cbd4371c9e9dcc01d6e3bb447abf2d4d3d093 openssl-1.0.1h.tar.gz" | sha256sum -c
echo "12edc0df75bf9abd7f82f821795bcee50f42cb2e5f76a6a281b85732798364ef db-4.8.30.NC.tar.gz" | sha256sum -c
echo "2923e453e880bb949e3d4da9f83dd3cb6f08946d35de0b864d0339cf70934464 miniupnpc-1.9.tar.gz" | sha256sum -c
echo "36658cb768a54c1d4dec43c3116c27ed893e88b02ecfcb44f2166f9c0b7f2a0d zlib-1.2.8.tar.gz" | sha256sum -c
@@ -48,8 +48,8 @@ script: |
mkdir -p $INSTALLPREFIX $BUILDDIR
cd $BUILDDIR
#
tar xzf $INDIR/openssl-1.0.1g.tar.gz
cd openssl-1.0.1g
tar xzf $INDIR/openssl-1.0.1h.tar.gz
cd openssl-1.0.1h
if [ "$BITS" == "32" ]; then
OPENSSL_TGT=mingw
else
@@ -124,5 +124,5 @@ script: |
done
#
cd $INSTALLPREFIX
find include lib | sort | zip -X@ $OUTDIR/bitcoin-deps-win$BITS-gitian-r12.zip
find include lib | sort | zip -X@ $OUTDIR/bitcoin-deps-win$BITS-gitian-r13.zip
done # for BITS in