moved patch upstream

ChangeLog

@@ -28,12 +28,40 @@ history is also available from Git.
 
 LibreSSL Portable Release Notes:
 
+2.2.7 - Security Update
+
+	* Fix multiple vulnerabilities in libcrypto relating to ASN.1 and encoding.
+	From OpenSSL.
+
+2.2.6 - Security Update
+
+	* Deprecated the SSL_OP_SINGLE_DH_USE flag.
+
+2.2.5 - Reliability Update
+
+	* Fixes from OpenSSL 1.0.1q
+	 - CVE-2015-3194 - NULL pointer dereference in client side certificate
+	                   validation.
+	 - CVE-2015-3195 - Memory leak in PKCS7 - not reachable from TLS/SSL
+
+	* The following OpenSSL CVEs did not apply to LibreSSL
+	 - CVE-2015-3193 - Carry propagating bug in the x86_64 Montgomery
+	                   squaring procedure.
+	 - CVE-2015-3196 - Double free race condition of the identify hint
+	                   data.
+
+	 See https://marc.info/?l=openbsd-announce&m=144925068504102
+
 2.2.4 - Build and bug fixes
 
 	* Backported build fixes for CMake on Windows, OSX and Linux
 
 	* Fixes for a memory leak and out-of-bounds access in OBJ_obj2txt
 	  reported by Qualys Security.
+	 - CVE-2015-5333 - memory leak in OBJ_obj2txt
+	 - CVE-2015-5334 - 1-byte buffer overflow in OBJ_obj2txt
+
+	 See http://www.openwall.com/lists/oss-security/2015/10/16/1
 
 2.2.3 - Bug fixes, build enhancements
 

crypto/Makefile.am

@@ -3,6 +3,7 @@ include $(top_srcdir)/Makefile.am.common
 AM_CPPFLAGS += -I$(top_srcdir)/crypto/asn1
 AM_CPPFLAGS += -I$(top_srcdir)/crypto/evp
 AM_CPPFLAGS += -I$(top_srcdir)/crypto/modes
+AM_CPPFLAGS += -I$(top_srcdir)/crypto
 
 lib_LTLIBRARIES = libcrypto.la
 
@@ -119,6 +120,7 @@ libcrypto_la_SOURCES += mem_dbg.c
 libcrypto_la_SOURCES += o_init.c
 libcrypto_la_SOURCES += o_str.c
 libcrypto_la_SOURCES += o_time.c
+noinst_HEADERS += constant_time_locl.h
 noinst_HEADERS += cryptlib.h
 noinst_HEADERS += md32_common.h
 noinst_HEADERS += o_time.h