[gnome-continuous-yocto/gnomeostree-3.28-rocko: 5110/8267] openssl: actually apply Use-SHA256-not-MD5-as-default-digest.patch

[Emmanuele Bassi <ebassi src gnome org>]

commit 500a5e44a9d6bf9d795f4d1cf28333ed71f0e07b
Author: Ross Burton <ross burton intel com>
Date:   Tue Mar 14 12:49:47 2017 +0000

    openssl: actually apply Use-SHA256-not-MD5-as-default-digest.patch
    
    This patch was added to fix a CVE, but wasn't actually added to SRC_URI:
    
        CVE: CVE-2004-2761
        The MD5 Message-Digest Algorithm is not collision resistant,
        which makes it easier for context-dependent attackers to
        conduct spoofing attacks, as demonstrated by attacks on the
        use of MD5 in the signature algorithm of an X.509 certificate.
    
    (From OE-Core rev: 8791800f84321b3f46772bc2d9e4f754e6213946)
    
    Signed-off-by: Ross Burton <ross burton intel com>
    Signed-off-by: Richard Purdie <richard purdie linuxfoundation org>

 .../recipes-connectivity/openssl/openssl_1.0.2k.bb |    1 +
 1 files changed, 1 insertions(+), 0 deletions(-)
---
diff --git a/meta/recipes-connectivity/openssl/openssl_1.0.2k.bb 
b/meta/recipes-connectivity/openssl/openssl_1.0.2k.bb
index 1973f81..922819b 100644
--- a/meta/recipes-connectivity/openssl/openssl_1.0.2k.bb
+++ b/meta/recipes-connectivity/openssl/openssl_1.0.2k.bb
@@ -41,6 +41,7 @@ SRC_URI += "file://find.pl;subdir=${BP}/util/ \
             file://configure-musl-target.patch \
             file://parallel.patch \
             file://openssl-util-perlpath.pl-cwd.patch \
+            file://Use-SHA256-not-MD5-as-default-digest.patch \
            "
 SRC_URI[md5sum] = "f965fc0bf01bf882b31314b61391ae65"
 SRC_URI[sha256sum] = "6b3977c61f2aedf0f96367dcfb5c6e578cf37e7b8d913b4ecb6643c3cb88d8c0"