package/libopenssl: security bump version to 3.3.2

Fixes the following security issues:

- CVE-2024-6119: Possible denial of service in X.509 name checks [Moderate
  severity]
  https://openssl-library.org/news/secadv/20240903.txt

- CVE-2024-5535: SSL_select_next_proto buffer overread [Low severity]
  https://openssl-library.org/news/secadv/20240528.txt

Updated _SITE and project URL according to
https://openssl-library.org/post/2024-04-30-releases-distribution-changes/

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
[Peter: add CVE details]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/libopenssl/libopenssl.hash

@@ -1,5 +1,5 @@
-# From https://www.openssl.org/source/openssl-3.3.1.tar.gz.sha256
-sha256  777cd596284c883375a2a7a11bf5d2786fc5413255efab20c50d6ffe6d020b7e  openssl-3.3.1.tar.gz
+# From https://github.com/openssl/openssl/releases/download/openssl-3.3.2/openssl-3.3.2.tar.gz.sha256
+sha256  2e8a40b01979afe8be0bbfb3de5dc1c6709fedb46d6c89c10da114ab5fc3d281  openssl-3.3.2.tar.gz
 
 # License files
 sha256  7d5450cb2d142651b8afa315b5f238efc805dad827d91ba367d8516bc9d49e7a  LICENSE.txt

package/libopenssl/libopenssl.mk

@@ -4,8 +4,8 @@
 #
 ################################################################################
 
-LIBOPENSSL_VERSION = 3.3.1
-LIBOPENSSL_SITE = https://www.openssl.org/source
+LIBOPENSSL_VERSION = 3.3.2
+LIBOPENSSL_SITE = https://github.com/openssl/openssl/releases/download/openssl-$(LIBOPENSSL_VERSION)
 LIBOPENSSL_SOURCE = openssl-$(LIBOPENSSL_VERSION).tar.gz
 LIBOPENSSL_LICENSE = Apache-2.0
 LIBOPENSSL_LICENSE_FILES = LICENSE.txt

package/openssl/Config.in

@@ -35,7 +35,7 @@ config BR2_PACKAGE_LIBOPENSSL
 	  (TLS v1) as well as a full-strength general-purpose
 	  cryptography library.
 
-	  http://www.openssl.org/
+	  https://openssl-library.org/
 
 	  Note: Some helper scripts need perl.