Tue May 3 14:51:17 2016 UTC ()
Update security/openssl to version 1.0.2h.

Changes between 1.0.2g and 1.0.2h [3 May 2016]

*) Prevent padding oracle in AES-NI CBC MAC check

   A MITM attacker can use a padding oracle attack to decrypt traffic
   when the connection uses an AES CBC cipher and the server support
   AES-NI.

   This issue was introduced as part of the fix for Lucky 13 padding
   attack (CVE-2013-0169). The padding check was rewritten to be in
   constant time by making sure that always the same bytes are read and
   compared against either the MAC or padding bytes. But it no longer
   checked that there was enough data to have both the MAC and padding
   bytes.

   This issue was reported by Juraj Somorovsky using TLS-Attacker.
   (CVE-2016-2107)
   [Kurt Roeckx]

*) Fix EVP_EncodeUpdate overflow

   An overflow can occur in the EVP_EncodeUpdate() function which is used for
   Base64 encoding of binary data. If an attacker is able to supply very large
   amounts of input data then a length check can overflow resulting in a heap
   corruption.

   Internally to OpenSSL the EVP_EncodeUpdate() function is primarly used by
   the PEM_write_bio* family of functions. These are mainly used within the
   OpenSSL command line applications, so any application which processes data
   from an untrusted source and outputs it as a PEM file should be considered
   vulnerable to this issue. User applications that call these APIs directly
   with large amounts of untrusted data may also be vulnerable.

   This issue was reported by Guido Vranken.
   (CVE-2016-2105)
   [Matt Caswell]

*) Fix EVP_EncryptUpdate overflow

   An overflow can occur in the EVP_EncryptUpdate() function. If an attacker
   is able to supply very large amounts of input data after a previous call to
   EVP_EncryptUpdate() with a partial block then a length check can overflow
   resulting in a heap corruption. Following an analysis of all OpenSSL
   internal usage of the EVP_EncryptUpdate() function all usage is one of two
   forms. The first form is where the EVP_EncryptUpdate() call is known to be
   the first called function after an EVP_EncryptInit(), and therefore that
   specific call must be safe. The second form is where the length passed to
   EVP_EncryptUpdate() can be seen from the code to be some small value and
   therefore there is no possibility of an overflow. Since all instances are
   one of these two forms, it is believed that there can be no overflows in
   internal code due to this problem. It should be noted that
   EVP_DecryptUpdate() can call EVP_EncryptUpdate() in certain code paths.
   Also EVP_CipherUpdate() is a synonym for EVP_EncryptUpdate(). All instances
   of these calls have also been analysed too and it is believed there are no
   instances in internal usage where an overflow could occur.

   This issue was reported by Guido Vranken.
   (CVE-2016-2106)
   [Matt Caswell]

*) Prevent ASN.1 BIO excessive memory allocation

   When ASN.1 data is read from a BIO using functions such as d2i_CMS_bio()
   a short invalid encoding can casuse allocation of large amounts of memory
   potentially consuming excessive resources or exhausting memory.

   Any application parsing untrusted data through d2i BIO functions is
   affected. The memory based functions such as d2i_X509() are *not* affected.
   Since the memory based functions are used by the TLS library, TLS
   applications are not affected.

   This issue was reported by Brian Carpenter.
   (CVE-2016-2109)
   [Stephen Henson]

*) EBCDIC overread

   ASN1 Strings that are over 1024 bytes can cause an overread in applications
   using the X509_NAME_oneline() function on EBCDIC systems. This could result
   in arbitrary stack data being returned in the buffer.

   This issue was reported by Guido Vranken.
   (CVE-2016-2176)
   [Matt Caswell]

*) Modify behavior of ALPN to invoke callback after SNI/servername
   callback, such that updates to the SSL_CTX affect ALPN.
   [Todd Short]

*) Remove LOW from the DEFAULT cipher list.  This removes singles DES from the
   default.
   [Kurt Roeckx]

*) Only remove the SSLv2 methods with the no-ssl2-method option. When the
   methods are enabled and ssl2 is disabled the methods return NULL.
   [Kurt Roeckx]


(jperkin)
diff -r1.222 -r1.223 pkgsrc/security/openssl/Makefile
diff -r1.28 -r1.29 pkgsrc/security/openssl/PLIST.common
diff -r1.121 -r1.122 pkgsrc/security/openssl/distinfo
cvs diff -r1.222 -r1.223 pkgsrc/security/openssl/Makefile (expand / switch to unified diff)

--- pkgsrc/security/openssl/Makefile 2016/03/05 11:27:55 1.222
+++ pkgsrc/security/openssl/Makefile 2016/05/03 14:51:16 1.223
@@ -1,17 +1,16 @@ @@ -1,17 +1,16 @@
1# $NetBSD: Makefile,v 1.222 2016/03/05 11:27:55 jperkin Exp $ 1# $NetBSD: Makefile,v 1.223 2016/05/03 14:51:16 jperkin Exp $
2 2
3DISTNAME= openssl-1.0.2g 3DISTNAME= openssl-1.0.2h
4PKGREVISION= 1 
5CATEGORIES= security 4CATEGORIES= security
6MASTER_SITES= https://www.openssl.org/source/ 5MASTER_SITES= https://www.openssl.org/source/
7 6
8MAINTAINER= pkgsrc-users@NetBSD.org 7MAINTAINER= pkgsrc-users@NetBSD.org
9HOMEPAGE= https://www.openssl.org/ 8HOMEPAGE= https://www.openssl.org/
10COMMENT= Secure Socket Layer and cryptographic library 9COMMENT= Secure Socket Layer and cryptographic library
11LICENSE= openssl 10LICENSE= openssl
12 11
13CONFLICTS= SSLeay-[0-9]* ssleay-[0-9]* 12CONFLICTS= SSLeay-[0-9]* ssleay-[0-9]*
14 13
15CRYPTO= yes 14CRYPTO= yes
16 15
17BUILD_DEPENDS+= p5-Perl4-CoreLibs-[0-9]*:../../devel/p5-Perl4-CoreLibs 16BUILD_DEPENDS+= p5-Perl4-CoreLibs-[0-9]*:../../devel/p5-Perl4-CoreLibs
cvs diff -r1.28 -r1.29 pkgsrc/security/openssl/Attic/PLIST.common (expand / switch to unified diff)

--- pkgsrc/security/openssl/Attic/PLIST.common 2016/03/01 14:35:33 1.28
+++ pkgsrc/security/openssl/Attic/PLIST.common 2016/05/03 14:51:16 1.29
@@ -1,14 +1,14 @@ @@ -1,14 +1,14 @@
1@comment $NetBSD: PLIST.common,v 1.28 2016/03/01 14:35:33 jperkin Exp $ 1@comment $NetBSD: PLIST.common,v 1.29 2016/05/03 14:51:16 jperkin Exp $
2bin/c_rehash 2bin/c_rehash
3bin/openssl 3bin/openssl
4include/openssl/aes.h 4include/openssl/aes.h
5include/openssl/asn1.h 5include/openssl/asn1.h
6include/openssl/asn1_mac.h 6include/openssl/asn1_mac.h
7include/openssl/asn1t.h 7include/openssl/asn1t.h
8include/openssl/bio.h 8include/openssl/bio.h
9include/openssl/blowfish.h 9include/openssl/blowfish.h
10include/openssl/bn.h 10include/openssl/bn.h
11include/openssl/buffer.h 11include/openssl/buffer.h
12include/openssl/camellia.h 12include/openssl/camellia.h
13include/openssl/cast.h 13include/openssl/cast.h
14include/openssl/cmac.h 14include/openssl/cmac.h
@@ -737,42 +737,50 @@ man/man3/EVP_CIPHER_asn1_to_param.3 @@ -737,42 +737,50 @@ man/man3/EVP_CIPHER_asn1_to_param.3
737man/man3/EVP_CIPHER_block_size.3 737man/man3/EVP_CIPHER_block_size.3
738man/man3/EVP_CIPHER_flags.3 738man/man3/EVP_CIPHER_flags.3
739man/man3/EVP_CIPHER_iv_length.3 739man/man3/EVP_CIPHER_iv_length.3
740man/man3/EVP_CIPHER_key_length.3 740man/man3/EVP_CIPHER_key_length.3
741man/man3/EVP_CIPHER_mode.3 741man/man3/EVP_CIPHER_mode.3
742man/man3/EVP_CIPHER_nid.3 742man/man3/EVP_CIPHER_nid.3
743man/man3/EVP_CIPHER_param_to_asn1.3 743man/man3/EVP_CIPHER_param_to_asn1.3
744man/man3/EVP_CIPHER_type.3 744man/man3/EVP_CIPHER_type.3
745man/man3/EVP_CipherFinal.3 745man/man3/EVP_CipherFinal.3
746man/man3/EVP_CipherFinal_ex.3 746man/man3/EVP_CipherFinal_ex.3
747man/man3/EVP_CipherInit.3 747man/man3/EVP_CipherInit.3
748man/man3/EVP_CipherInit_ex.3 748man/man3/EVP_CipherInit_ex.3
749man/man3/EVP_CipherUpdate.3 749man/man3/EVP_CipherUpdate.3
 750man/man3/EVP_DecodeBlock.3
 751man/man3/EVP_DecodeFinal.3
 752man/man3/EVP_DecodeInit.3
 753man/man3/EVP_DecodeUpdate.3
750man/man3/EVP_DecryptFinal.3 754man/man3/EVP_DecryptFinal.3
751man/man3/EVP_DecryptFinal_ex.3 755man/man3/EVP_DecryptFinal_ex.3
752man/man3/EVP_DecryptInit.3 756man/man3/EVP_DecryptInit.3
753man/man3/EVP_DecryptInit_ex.3 757man/man3/EVP_DecryptInit_ex.3
754man/man3/EVP_DecryptUpdate.3 758man/man3/EVP_DecryptUpdate.3
755man/man3/EVP_DigestFinal.3 759man/man3/EVP_DigestFinal.3
756man/man3/EVP_DigestFinal_ex.3 760man/man3/EVP_DigestFinal_ex.3
757man/man3/EVP_DigestInit.3 761man/man3/EVP_DigestInit.3
758man/man3/EVP_DigestInit_ex.3 762man/man3/EVP_DigestInit_ex.3
759man/man3/EVP_DigestSignFinal.3 763man/man3/EVP_DigestSignFinal.3
760man/man3/EVP_DigestSignInit.3 764man/man3/EVP_DigestSignInit.3
761man/man3/EVP_DigestSignUpdate.3 765man/man3/EVP_DigestSignUpdate.3
762man/man3/EVP_DigestUpdate.3 766man/man3/EVP_DigestUpdate.3
763man/man3/EVP_DigestVerifyFinal.3 767man/man3/EVP_DigestVerifyFinal.3
764man/man3/EVP_DigestVerifyInit.3 768man/man3/EVP_DigestVerifyInit.3
765man/man3/EVP_DigestVerifyUpdate.3 769man/man3/EVP_DigestVerifyUpdate.3
 770man/man3/EVP_EncodeBlock.3
 771man/man3/EVP_EncodeFinal.3
 772man/man3/EVP_EncodeInit.3
 773man/man3/EVP_EncodeUpdate.3
766man/man3/EVP_EncryptFinal.3 774man/man3/EVP_EncryptFinal.3
767man/man3/EVP_EncryptFinal_ex.3 775man/man3/EVP_EncryptFinal_ex.3
768man/man3/EVP_EncryptInit.3 776man/man3/EVP_EncryptInit.3
769man/man3/EVP_EncryptInit_ex.3 777man/man3/EVP_EncryptInit_ex.3
770man/man3/EVP_EncryptUpdate.3 778man/man3/EVP_EncryptUpdate.3
771man/man3/EVP_MAX_MD_SIZE.3 779man/man3/EVP_MAX_MD_SIZE.3
772man/man3/EVP_MD_CTX_block_size.3 780man/man3/EVP_MD_CTX_block_size.3
773man/man3/EVP_MD_CTX_cleanup.3 781man/man3/EVP_MD_CTX_cleanup.3
774man/man3/EVP_MD_CTX_copy.3 782man/man3/EVP_MD_CTX_copy.3
775man/man3/EVP_MD_CTX_copy_ex.3 783man/man3/EVP_MD_CTX_copy_ex.3
776man/man3/EVP_MD_CTX_create.3 784man/man3/EVP_MD_CTX_create.3
777man/man3/EVP_MD_CTX_destroy.3 785man/man3/EVP_MD_CTX_destroy.3
778man/man3/EVP_MD_CTX_init.3 786man/man3/EVP_MD_CTX_init.3
@@ -1210,26 +1218,28 @@ man/man3/SSL_CTX_sess_set_get_cb.3 @@ -1210,26 +1218,28 @@ man/man3/SSL_CTX_sess_set_get_cb.3
1210man/man3/SSL_CTX_sess_set_new_cb.3 1218man/man3/SSL_CTX_sess_set_new_cb.3
1211man/man3/SSL_CTX_sess_set_remove_cb.3 1219man/man3/SSL_CTX_sess_set_remove_cb.3
1212man/man3/SSL_CTX_sess_timeouts.3 1220man/man3/SSL_CTX_sess_timeouts.3
1213man/man3/SSL_CTX_sessions.3 1221man/man3/SSL_CTX_sessions.3
1214man/man3/SSL_CTX_set0_chain.3 1222man/man3/SSL_CTX_set0_chain.3
1215man/man3/SSL_CTX_set0_chain_cert_store.3 1223man/man3/SSL_CTX_set0_chain_cert_store.3
1216man/man3/SSL_CTX_set0_verify_cert_store.3 1224man/man3/SSL_CTX_set0_verify_cert_store.3
1217man/man3/SSL_CTX_set1_chain.3 1225man/man3/SSL_CTX_set1_chain.3
1218man/man3/SSL_CTX_set1_chain_cert_store.3 1226man/man3/SSL_CTX_set1_chain_cert_store.3
1219man/man3/SSL_CTX_set1_curves.3 1227man/man3/SSL_CTX_set1_curves.3
1220man/man3/SSL_CTX_set1_curves_list.3 1228man/man3/SSL_CTX_set1_curves_list.3
1221man/man3/SSL_CTX_set1_param.3 1229man/man3/SSL_CTX_set1_param.3
1222man/man3/SSL_CTX_set1_verify_cert_store.3 1230man/man3/SSL_CTX_set1_verify_cert_store.3
 1231man/man3/SSL_CTX_set_alpn_protos.3
 1232man/man3/SSL_CTX_set_alpn_select_cb.3
1223man/man3/SSL_CTX_set_cert_cb.3 1233man/man3/SSL_CTX_set_cert_cb.3
1224man/man3/SSL_CTX_set_cert_store.3 1234man/man3/SSL_CTX_set_cert_store.3
1225man/man3/SSL_CTX_set_cert_verify_callback.3 1235man/man3/SSL_CTX_set_cert_verify_callback.3
1226man/man3/SSL_CTX_set_cipher_list.3 1236man/man3/SSL_CTX_set_cipher_list.3
1227man/man3/SSL_CTX_set_client_CA_list.3 1237man/man3/SSL_CTX_set_client_CA_list.3
1228man/man3/SSL_CTX_set_client_cert_cb.3 1238man/man3/SSL_CTX_set_client_cert_cb.3
1229man/man3/SSL_CTX_set_current_cert.3 1239man/man3/SSL_CTX_set_current_cert.3
1230man/man3/SSL_CTX_set_custom_cli_ext.3 1240man/man3/SSL_CTX_set_custom_cli_ext.3
1231man/man3/SSL_CTX_set_default_passwd_cb.3 1241man/man3/SSL_CTX_set_default_passwd_cb.3
1232man/man3/SSL_CTX_set_default_passwd_cb_userdata.3 1242man/man3/SSL_CTX_set_default_passwd_cb_userdata.3
1233man/man3/SSL_CTX_set_default_read_ahead.3 1243man/man3/SSL_CTX_set_default_read_ahead.3
1234man/man3/SSL_CTX_set_ecdh_auto.3 1244man/man3/SSL_CTX_set_ecdh_auto.3
1235man/man3/SSL_CTX_set_ex_data.3 1245man/man3/SSL_CTX_set_ex_data.3
@@ -1289,26 +1299,27 @@ man/man3/SSL_alert_type_string.3 @@ -1289,26 +1299,27 @@ man/man3/SSL_alert_type_string.3
1289man/man3/SSL_alert_type_string_long.3 1299man/man3/SSL_alert_type_string_long.3
1290man/man3/SSL_build_cert_chain.3 1300man/man3/SSL_build_cert_chain.3
1291man/man3/SSL_callback_ctrl.3 1301man/man3/SSL_callback_ctrl.3
1292man/man3/SSL_check_chain.3 1302man/man3/SSL_check_chain.3
1293man/man3/SSL_check_private_key.3 1303man/man3/SSL_check_private_key.3
1294man/man3/SSL_clear.3 1304man/man3/SSL_clear.3
1295man/man3/SSL_clear_chain_certs.3 1305man/man3/SSL_clear_chain_certs.3
1296man/man3/SSL_clear_options.3 1306man/man3/SSL_clear_options.3
1297man/man3/SSL_connect.3 1307man/man3/SSL_connect.3
1298man/man3/SSL_ctrl.3 1308man/man3/SSL_ctrl.3
1299man/man3/SSL_do_handshake.3 1309man/man3/SSL_do_handshake.3
1300man/man3/SSL_flush_sessions.3 1310man/man3/SSL_flush_sessions.3
1301man/man3/SSL_free.3 1311man/man3/SSL_free.3
 1312man/man3/SSL_get0_alpn_selected.3
1302man/man3/SSL_get0_chain_certs.3 1313man/man3/SSL_get0_chain_certs.3
1303man/man3/SSL_get0_param.3 1314man/man3/SSL_get0_param.3
1304man/man3/SSL_get1_curves.3 1315man/man3/SSL_get1_curves.3
1305man/man3/SSL_get_SSL_CTX.3 1316man/man3/SSL_get_SSL_CTX.3
1306man/man3/SSL_get_accept_state.3 1317man/man3/SSL_get_accept_state.3
1307man/man3/SSL_get_cipher.3 1318man/man3/SSL_get_cipher.3
1308man/man3/SSL_get_cipher_bits.3 1319man/man3/SSL_get_cipher_bits.3
1309man/man3/SSL_get_cipher_list.3 1320man/man3/SSL_get_cipher_list.3
1310man/man3/SSL_get_cipher_name.3 1321man/man3/SSL_get_cipher_name.3
1311man/man3/SSL_get_cipher_version.3 1322man/man3/SSL_get_cipher_version.3
1312man/man3/SSL_get_ciphers.3 1323man/man3/SSL_get_ciphers.3
1313man/man3/SSL_get_client_CA_list.3 1324man/man3/SSL_get_client_CA_list.3
1314man/man3/SSL_get_current_cipher.3 1325man/man3/SSL_get_current_cipher.3
@@ -1343,36 +1354,38 @@ man/man3/SSL_get_verify_result.3 @@ -1343,36 +1354,38 @@ man/man3/SSL_get_verify_result.3
1343man/man3/SSL_get_version.3 1354man/man3/SSL_get_version.3
1344man/man3/SSL_has_matching_session_id.3 1355man/man3/SSL_has_matching_session_id.3
1345man/man3/SSL_library_init.3 1356man/man3/SSL_library_init.3
1346man/man3/SSL_load_client_CA_file.3 1357man/man3/SSL_load_client_CA_file.3
1347man/man3/SSL_load_error_strings.3 1358man/man3/SSL_load_error_strings.3
1348man/man3/SSL_need_tmp_rsa.3 1359man/man3/SSL_need_tmp_rsa.3
1349man/man3/SSL_new.3 1360man/man3/SSL_new.3
1350man/man3/SSL_pending.3 1361man/man3/SSL_pending.3
1351man/man3/SSL_read.3 1362man/man3/SSL_read.3
1352man/man3/SSL_remove_session.3 1363man/man3/SSL_remove_session.3
1353man/man3/SSL_rstate_string.3 1364man/man3/SSL_rstate_string.3
1354man/man3/SSL_rstate_string_long.3 1365man/man3/SSL_rstate_string_long.3
1355man/man3/SSL_select_current_cert.3 1366man/man3/SSL_select_current_cert.3
 1367man/man3/SSL_select_next_proto.3
1356man/man3/SSL_session_reused.3 1368man/man3/SSL_session_reused.3
1357man/man3/SSL_set0_chain.3 1369man/man3/SSL_set0_chain.3
1358man/man3/SSL_set0_chain_cert_store.3 1370man/man3/SSL_set0_chain_cert_store.3
1359man/man3/SSL_set0_verify_cert_store.3 1371man/man3/SSL_set0_verify_cert_store.3
1360man/man3/SSL_set1_chain.3 1372man/man3/SSL_set1_chain.3
1361man/man3/SSL_set1_chain_cert_store.3 1373man/man3/SSL_set1_chain_cert_store.3
1362man/man3/SSL_set1_curves.3 1374man/man3/SSL_set1_curves.3
1363man/man3/SSL_set1_curves_list.3 1375man/man3/SSL_set1_curves_list.3
1364man/man3/SSL_set1_param.3 1376man/man3/SSL_set1_param.3
1365man/man3/SSL_set1_verify_cert_store.3 1377man/man3/SSL_set1_verify_cert_store.3
 1378man/man3/SSL_set_alpn_protos.3
1366man/man3/SSL_set_bio.3 1379man/man3/SSL_set_bio.3
1367man/man3/SSL_set_cert_cb.3 1380man/man3/SSL_set_cert_cb.3
1368man/man3/SSL_set_cipher_list.3 1381man/man3/SSL_set_cipher_list.3
1369man/man3/SSL_set_client_CA_list.3 1382man/man3/SSL_set_client_CA_list.3
1370man/man3/SSL_set_connect_state.3 1383man/man3/SSL_set_connect_state.3
1371man/man3/SSL_set_current_cert.3 1384man/man3/SSL_set_current_cert.3
1372man/man3/SSL_set_ecdh_auto.3 1385man/man3/SSL_set_ecdh_auto.3
1373man/man3/SSL_set_ex_data.3 1386man/man3/SSL_set_ex_data.3
1374man/man3/SSL_set_fd.3 1387man/man3/SSL_set_fd.3
1375man/man3/SSL_set_generate_session_id.3 1388man/man3/SSL_set_generate_session_id.3
1376man/man3/SSL_set_info_callback.3 1389man/man3/SSL_set_info_callback.3
1377man/man3/SSL_set_max_cert_list.3 1390man/man3/SSL_set_max_cert_list.3
1378man/man3/SSL_set_mode.3 1391man/man3/SSL_set_mode.3
cvs diff -r1.121 -r1.122 pkgsrc/security/openssl/distinfo (expand / switch to unified diff)

--- pkgsrc/security/openssl/distinfo 2016/03/01 14:35:33 1.121
+++ pkgsrc/security/openssl/distinfo 2016/05/03 14:51:16 1.122
@@ -1,15 +1,15 @@ @@ -1,15 +1,15 @@
1$NetBSD: distinfo,v 1.121 2016/03/01 14:35:33 jperkin Exp $ 1$NetBSD: distinfo,v 1.122 2016/05/03 14:51:16 jperkin Exp $
2 2
3SHA1 (openssl-1.0.2g.tar.gz) = 36af23887402a5ea4ebef91df8e61654906f58f2 3SHA1 (openssl-1.0.2h.tar.gz) = 577585f5f5d299c44dd3c993d3c0ac7a219e4949
4RMD160 (openssl-1.0.2g.tar.gz) = b5a697ac0195dc84e17f2089b0e649d7129b36c2 4RMD160 (openssl-1.0.2h.tar.gz) = b7ab97d34582b7467929bbcd2bb8fbc4d19ac05e
5SHA512 (openssl-1.0.2g.tar.gz) = 4d96b6c8a232203483d6e8bee81da01ba10977bfbac92f25304a36dec9ea584b7ef917bc45e097cc7dbe681d71a4570d649c22244c178393ae91fab48323f735 5SHA512 (openssl-1.0.2h.tar.gz) = 780601f6f3f32f42b6d7bbc4c593db39a3575f9db80294a10a68b2b0bb79448d9bd529ca700b9977354cbdfc65887c76af0aa7b90d3ee421f74ab53e6f15c303
6Size (openssl-1.0.2g.tar.gz) = 5266102 bytes 6Size (openssl-1.0.2h.tar.gz) = 5274412 bytes
7SHA1 (patch-Configure) = bebb9c435914b89ab9d5afabceb7d95903d4b56a 7SHA1 (patch-Configure) = bebb9c435914b89ab9d5afabceb7d95903d4b56a
8SHA1 (patch-Makefile.org) = d2a9295003a8b88718a328b01ff6bcbbc102ec0b 8SHA1 (patch-Makefile.org) = d2a9295003a8b88718a328b01ff6bcbbc102ec0b
9SHA1 (patch-Makefile.shared) = d317004d6ade167fc3b6e533bb8a1e93657188b2 9SHA1 (patch-Makefile.shared) = d317004d6ade167fc3b6e533bb8a1e93657188b2
10SHA1 (patch-apps_Makefile) = 60113291f2a25f5f1c1dba35e8173087bcd4cc30 10SHA1 (patch-apps_Makefile) = 60113291f2a25f5f1c1dba35e8173087bcd4cc30
11SHA1 (patch-config) = 345cadece3bdf0ef0a273a6c9ba6d0cbb1026a31 11SHA1 (patch-config) = 345cadece3bdf0ef0a273a6c9ba6d0cbb1026a31
12SHA1 (patch-crypto_bn_bn__prime.pl) = a516f3709a862d85e659d466e895419b1e0a94c8 12SHA1 (patch-crypto_bn_bn__prime.pl) = a516f3709a862d85e659d466e895419b1e0a94c8
13SHA1 (patch-crypto_des_Makefile) = 7a23f9883ff6c93ec0e5d08e1332cc95de8cdba2 13SHA1 (patch-crypto_des_Makefile) = 7a23f9883ff6c93ec0e5d08e1332cc95de8cdba2
14SHA1 (patch-engines_ccgost_Makefile) = 5ff1e2705f6cb46075d5e005af9e804bb81d65e5 14SHA1 (patch-engines_ccgost_Makefile) = 5ff1e2705f6cb46075d5e005af9e804bb81d65e5
15SHA1 (patch-tools_Makefile) = 67f0b9b501969382fd89b678c277d32bf5d294bc 15SHA1 (patch-tools_Makefile) = 67f0b9b501969382fd89b678c277d32bf5d294bc