7131685 Need to upgrade openssl to 1.0.0g for CVE-2012-0050
7146824 S11 SRU openssl-1.0.0 Makefile variables unnecessarily differ from S11 Update
--- a/components/openssl/openssl-1.0.0/Makefile Fri Feb 17 12:19:15 2012 -0800
+++ b/components/openssl/openssl-1.0.0/Makefile Mon Feb 20 15:10:50 2012 -0800
@@ -25,14 +25,15 @@
COMPONENT_NAME = openssl
# When new version of OpenSSL comes in, you must update both COMPONENT_VERSION
# and IPS_COMPONENT_VERSION.
-COMPONENT_VERSION = 1.0.0f
+COMPONENT_VERSION = 1.0.0g
# Version for IPS. It is easier to do it manually than convert the letter to a
# number while taking into account that there might be no letter at all.
-IPS_COMPONENT_VERSION = 1.0.0.6
+IPS_COMPONENT_VERSION = 1.0.0.7
+COMPONENT_PROJECT_URL= http://www.openssl.org/
COMPONENT_SRC = $(COMPONENT_NAME)-$(COMPONENT_VERSION)
COMPONENT_ARCHIVE = $(COMPONENT_SRC).tar.gz
-COMPONENT_ARCHIVE_HASH= sha1:f087190fc7702f328324aaa89c297cab6e236564
-COMPONENT_ARCHIVE_URL = http://www.openssl.org/source/$(COMPONENT_ARCHIVE)
+COMPONENT_ARCHIVE_HASH= sha1:2b517baada2338663c27314cb922f9755e73e07f
+COMPONENT_ARCHIVE_URL = $(COMPONENT_PROJECT_URL)source/$(COMPONENT_ARCHIVE)
# Architecture-specific patches
EXTRA_PATCHES.i386 = $(PATCH_DIR)/openssl-1.0.0d-aesni-v4.i386-patch