Mainly CVE fixes. Added a patch to fix compilation without deprecated OpenSSL APIs. Signed-off-by: Rosen Penev <rosenp@gmail.com>