Apply patches from the openssl-1.0.1e-51.el7_2.4.src.rpm package
downloaded from the Oracle server.
* Wed Feb 24 2016 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-51.4
- fix CVE-2016-0702 - side channel attack on modular exponentiation
- fix CVE-2016-0705 - double-free in DSA private key parsing
- fix CVE-2016-0797 - heap corruption in BN_hex2bn and BN_dec2bn
* Tue Feb 16 2016 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-51.3
- fix CVE-2015-3197 - SSLv2 ciphersuite enforcement
- disable SSLv2 in the generic TLS method
The patches were taken from openssl-1.0.1e-51.el7_2.2.src.rpm and
apply all CVEs that were not applied yet. Document which patches
were not applied. There should be another openssl version soon as
the next round of fixes was announced for the 1st of March.
After the upgrade "opkg update with https feeds" and "openvpn against
netport" were tested. They seem to work.
Fixes: SYS#2448