deps: float 26d7fce1 from openssl (CVE-2018-0734 follow-on)
The fix for CVE-2018-0734, floated in 213c7d2d, failed to include a constant-time calculation for one of the variables. This introduces a fix for that.
Ref: https://github.com/openssl/openssl/pull/7549 Upstream: https://github.com/openssl/openssl/commit/26d7fce1
Original commit message:
Add a constant time flag to one of the bignums to avoid a timing leak.
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7549)
(cherry picked from commit 00496b6423605391864fbbd1693f23631a1c5239)
This is for 1.1.0, so can go in to 11 and 10. I'll do a separate one for 1.0.2.
@nodejs/crypto