[master] openssl 1.0.2f patch

4306.	[maint]		Added a PKCS#11 openssl patch supporting
			version 1.0.2f [RT #38312]

CHANGES

+4306.	[maint]		Added a PKCS#11 openssl patch supporting
+			version 1.0.2f [RT #38312]
+
 4305.	[bug]		dnssec-signzone was not removing unnecessary rrsigs
 			from the zone's apex. [RT #41483]
 

doc/arm/pkcs11.xml

@@ -169,14 +169,14 @@ $ <userinput> /opt/pkcs11/usr/bin/softhsm-util --init-token 0 --slot 0 --label s
     <para>
       The modified OpenSSL code is included in the BIND 9 release,
       in the form of a context diff against the latest versions of
-      OpenSSL.  OpenSSL 0.9.8, 1.0.0, and 1.0.1 are supported; there are
-      separate diffs for each version.  In the examples to follow,
-      we use OpenSSL 0.9.8, but the same methods work with OpenSSL
-      1.0.0 and 1.0.1.
+      OpenSSL.  OpenSSL 0.9.8, 1.0.0, 1.0.1 and 1.0.2 are supported;
+      there are separate diffs for each version.  In the examples to
+      follow, we use OpenSSL 0.9.8, but the same methods work with
+      OpenSSL 1.0.0 through 1.0.2.
     </para>
     <note><simpara>
-      The latest OpenSSL versions as of this writing (January 2015)
-      are 0.9.8zc, 1.0.0o, and 1.0.1j.
+      The OpenSSL patches as of this writing (January 2016)
+      support versions 0.9.8zh, 1.0.0t, 1.0.1q and 1.0.2f.
       ISC will provide updated patches as new versions of OpenSSL
       are released. The version number in the following examples
       is expected to change.