Resolve "Bump openssl to 1.0.2o to fix CVE-2017-3738 and CVE-2017-3737"
Closes #3426
From changelog
- Major changes between OpenSSL 1.0.2n and OpenSSL 1.0.2o [27 Mar 2018]
- Constructed ASN.1 types with a recursive definition could exceed the stack (CVE-2018-0739)
- Major changes between OpenSSL 1.0.2m and OpenSSL 1.0.2n [7 Dec 2017]
- Read/write after SSL object in error state (CVE-2017-3737)
- rsaz_1024_mul_avx2 overflow bug on x86_64 (CVE-2017-3738)
Edited by GitLab Release Tools Bot