[oe-commits] Cristiana Voicu : openssl: Upgrade to v1.0.1g

git at git.openembedded.org git at git.openembedded.org
Tue Apr 8 16:36:26 UTC 2014


Module: openembedded-core.git
Branch: master
Commit: ff52836e1838590eeec7d7658e15b21d83cf8455
URL:    http://git.openembedded.org/?p=openembedded-core.git&a=commit;h=ff52836e1838590eeec7d7658e15b21d83cf8455

Author: Cristiana Voicu <cristiana.voicu at intel.com>
Date:   Tue Apr  8 14:49:48 2014 +0300

openssl: Upgrade to v1.0.1g

The trigger for the upgrade was the serious "heartbleed" vulnerability
(CVE-2014-0160). More information:
http://www.itnews.com.au/News/382068,serious-openssl-bug-renders-websites-wide-open.aspx

Dropped obsolete patches, because the new version contains them:
        0001-Fix-for-TLS-record-tampering-bug-CVE-2013-4353.patch
        0001-Fix-DTLS-retransmission-from-previous-session.patch
        0001-Use-version-in-SSL_METHOD-not-SSL-structure.patch

Modified 2 patches (small changes), in order to apply properly:
        initial-aarch64-bits.patch
        openssl-fix-doc.patch

Addresses CVEs:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0076

Signed-off-by: Cristiana Voicu <cristiana.voicu at intel.com>
Signed-off-by: Richard Purdie <richard.purdie at linuxfoundation.org>

---

 ...DTLS-retransmission-from-previous-session.patch |  81 ----
 ...or-TLS-record-tampering-bug-CVE-2013-4353.patch |  31 --
 ...e-version-in-SSL_METHOD-not-SSL-structure.patch |  33 --
 .../openssl-1.0.1e/initial-aarch64-bits.patch      | 111 ------
 .../openssl/openssl-1.0.1e/openssl-fix-doc.patch   | 435 ---------------------
 meta/recipes-connectivity/openssl/openssl.inc      |   3 -
 .../configure-targets.patch                        |   0
 .../debian/c_rehash-compat.patch                   |   0
 .../{openssl-1.0.1e => openssl}/debian/ca.patch    |   0
 .../debian/debian-targets.patch                    |   0
 .../debian/make-targets.patch                      |   0
 .../debian/man-dir.patch                           |   0
 .../debian/man-section.patch                       |   0
 .../debian/no-rpath.patch                          |   0
 .../debian/no-symbolic.patch                       |   0
 .../{openssl-1.0.1e => openssl}/debian/pic.patch   |   0
 .../debian/version-script.patch                    |   0
 .../engines-install-in-libdir-ssl.patch            |   0
 .../openssl/{openssl-1.0.1e => openssl}/find.pl    |   0
 .../fix-cipher-des-ede3-cfb1.patch                 |   0
 .../openssl/openssl/initial-aarch64-bits.patch     | 119 ++++++
 .../{openssl-1.0.1e => openssl}/oe-ldflags.patch   |   0
 ...-pointer-dereference-in-EVP_DigestInit_ex.patch |   0
 ...NULL-pointer-dereference-in-dh_pub_encode.patch |   0
 .../openssl-fix-des.pod-error.patch                |   0
 .../openssl/openssl/openssl-fix-doc.patch          | 401 +++++++++++++++++++
 .../openssl-fix-link.patch                         |   0
 .../openssl_fix_for_x32.patch                      |   0
 .../{openssl-1.0.1e => openssl}/shared-libs.patch  |   0
 .../{openssl_1.0.1e.bb => openssl_1.0.1g.bb}       |   9 +-
 30 files changed, 522 insertions(+), 701 deletions(-)

Diff:   http://git.openembedded.org/?p=openembedded-core.git/?a=commitdiff;h=ff52836e1838590eeec7d7658e15b21d83cf8455

