Patches openssl 1.0.2's usage of secure_getenv to always use the
fallback OPENSSL_issetugid() instead, to remove reliance on a
higher glibc than the minimum we currently support (2.11)
See depends/patches/openssl/secure_getenv.patch for a full
description of the patch.
This passes `-Wa,--noexecstack` to the assembler when building
platform-specific assembly files, to signal that a non-executable stack
can be used. This is the same approach as used by Debian
(see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=430583)
Bumps the OpenSSL version to the latest release, and kills SSL2. (SSL3 was already killed here, so I'm not sure why SSL2 was left around?)
No other changes.