Pending OpenSSL 1.0.2b upgrade

[rvagg]

https://mta.openssl.org/pipermail/openssl-announce/2015-June/000027.html

In a couple of days, on the 11th, there will be a new release containing security fixes. The highest of these is classified as "moderate" so this ought not be a big drama but it would be good for us to be on top of this and have a release out within a day or two max.

moderate severity issues. This includes issues like crashes in client applications, flaws in protocols that are less commonly used (such as DTLS), and local flaws. These will in general be kept private until the next release, and that release will be scheduled so that it can roll up several such flaws at one time.

[rvagg]

/cc @nodejs/crypto

[shigeki]

I've just made a test branch for upgrading the current HEAD of openssl-1.0.2 branch in
https://github.com/shigeki/io.js/commits/openssl-1.0.2b-pre .
CI works fine as https://jenkins-iojs.nodesource.com/job/iojs+any-pr+multi/782/ . But a test on Win32 is not made yet.

There no longer need to apply several floating patches of openssl to iojs so upgrading procedure gets more simpler. I'll update the doc.

[shigeki]

OpenSSL-1.0.2b has just been released.

Just looking the advisory at a glance, Malformed ECParameters causes infinite loop (CVE-2015-1788) seems to affect.

Update Branch: https://github.com/shigeki/io.js/tree/openssl-1.0.2b
CI: https://jenkins-iojs.nodesource.com/job/iojs+any-pr+multi/811/
Win32 build is now testing on my Windows.