openssl10: Upgrade 1.0.2l -> 1.0.2m

Deals with two CVEs:
* bn_sqrx8x_internal carry bug on x86_64 (CVE-2017-3736)
* Malformed X.509 IPAddressFamily could cause OOB read (CVE-2017-3735)

Signed-off-by: Stefan Agner <stefan.agner@toradex.com>
Acked-by: Otavio Salvador <otavio@ossystems.com.br>
Signed-off-by: Ross Burton <ross.burton@intel.com>

1 files changed, 0 insertions, 29 deletions

diff --git a/meta/recipes-connectivity/openssl/openssl-1.0.2l/debian1.0.2/block_digicert_malaysia.patch b/meta/recipes-connectivity/openssl/openssl-1.0.2l/debian1.0.2/block_digicert_malaysia.patch
deleted file mode 100644
index c43bcd1c77..0000000000
--- a/meta/recipes-connectivity/openssl/openssl-1.0.2l/debian1.0.2/block_digicert_malaysia.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-From: Raphael Geissert <geissert@debian.org>
-Description: make X509_verify_cert indicate that any certificate whose
- name contains "Digicert Sdn. Bhd." (from Malaysia) is revoked.
-Forwarded: not-needed
-Origin: vendor
-Last-Update: 2011-11-05
-
-Upstream-Status: Backport [debian]
-
-
-Index: openssl-1.0.2~beta1/crypto/x509/x509_vfy.c
-===================================================================
---- openssl-1.0.2~beta1.orig/crypto/x509/x509_vfy.c	2014-02-25 00:16:12.488028844 +0100
-+++ openssl-1.0.2~beta1/crypto/x509/x509_vfy.c	2014-02-25 00:16:12.484028929 +0100
-@@ -964,10 +964,11 @@
- 	for (i = sk_X509_num(ctx->chain) - 1; i >= 0; i--)
- 		{
- 		x = sk_X509_value(ctx->chain, i);
--		/* Mark DigiNotar certificates as revoked, no matter
--		 * where in the chain they are.
-+		/* Mark certificates containing the following names as
-+		 * revoked, no matter where in the chain they are.
- 		 */
--		if (x->name && strstr(x->name, "DigiNotar"))
-+		if (x->name && (strstr(x->name, "DigiNotar") ||
-+			strstr(x->name, "Digicert Sdn. Bhd.")))
- 			{
- 			ctx->error = X509_V_ERR_CERT_REVOKED;
- 			ctx->error_depth = i;