openssl updated to 0.97k to fix CVE-2006-4339

git-svn-id: svn+slack://slack.fluxo.info/var/svn/slackbuilds@169 370017ae-e619-0410-ac65-c121f96126d4

diff --git a/patches/openssl/openssl.SlackBuild b/patches/openssl/openssl.SlackBuild
index 4c0c9f6edc5708ae422529cf3decf507d495f95c..f67ed87e877ef0be8b4fb42212aca1b86112241f 100755 (executable)
--- a/patches/openssl/openssl.SlackBuild
+++ b/patches/openssl/openssl.SlackBuild
@@ -35,7 +35,7 @@ if [ -f "~/.slackbuildrc" ]; then
 fi
 
 PACKAGE="openssl"
-VERSION=${VERSION:=0.9.7g}
+VERSION=${VERSION:=0.9.7k}
 ARCH=${ARCH:=i486}
 BUILD=${BUILD:=1rha}
 SRC_DIR=${SRC:=$CWD}
@@ -234,8 +234,14 @@ tar xvf$tarflag $SRC_DIR/$SRC
 cd openssl-$VERSION
 # Use .so.0, not .so.0.9.7:
 zcat $CWD/openssl.soname.diff.gz | patch -p1 --backup --verbose --suffix=.orig || exit
+
 # Fix CAN-2005-2969 (SSL 2.0 rollback bug):
-zcat $CWD/patch-CAN-2005-2969.diff.gz | patch -p0 --backup --verbose --suffix=.orig || exit
+for vulnerable in 0.9.7g 0.9.7f 0.9.7e 0.9.7d 0.9.7c 0.9.7b 0.9.7a 0.9.7 0.9.8; do
+  if [ "$VERSION" == "$vulnerable" ]; then
+    zcat $CWD/patch-CAN-2005-2969.diff.gz | patch -p0 --backup --verbose --suffix=.orig || exit
+  fi
+done
+
 if [ "$ARCH" = "i486" ]; then
   # Build with -march=i486 -mcpu=i686:
   zcat $CWD/openssl.optsx86.diff.gz | patch -p1 --backup --verbose --suffix=.orig || exit