[OE-core] [PATCH] openssl: Upgrade to v1.0.1e
Saul Wold
sgw at linux.intel.com
Mon Apr 8 18:00:38 UTC 2013
On 04/08/2013 10:00 AM, Radu Moisan wrote:
>
> On 04/08/2013 07:54 PM, Richard Purdie wrote:
>> On Mon, 2013-04-08 at 19:47 +0300, Radu Moisan wrote:
>>> Dropped obolete patches and pulled updates for debian patches
>> Isn't there some CVE this upgrade fixes which would be worth a mention
>> in here?
>
> With respect to what we had (1.0.0j) Scott pointed out the following
>
> http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-2686
> http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0166
> http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-0169
>
> Yocto #3965 <https://bugzilla.yoctoproject.org/show_bug.cgi?id=3965>
>
>
Please put this in the commit message is what RP is getting after here.
Thanks
Sau!
> Radu
>
>
> _______________________________________________
> Openembedded-core mailing list
> Openembedded-core at lists.openembedded.org
> http://lists.linuxtogo.org/cgi-bin/mailman/listinfo/openembedded-core
>
More information about the Openembedded-core
mailing list