[OE-core] [PATCH] openssl: Address CVE-2014-0160
Saul Wold
sgw at linux.intel.com
Mon Apr 7 22:05:01 UTC 2014
This was the suggested fix for those unable to update to the new 1.0.1g version.
Since we are so close to our release, we should hold of on the update until 1.7
Signed-off-by: Saul Wold <sgw at linux.intel.com>
---
meta/recipes-connectivity/openssl/openssl_1.0.1e.bb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/meta/recipes-connectivity/openssl/openssl_1.0.1e.bb b/meta/recipes-connectivity/openssl/openssl_1.0.1e.bb
index 618ba68..874aa21 100644
--- a/meta/recipes-connectivity/openssl/openssl_1.0.1e.bb
+++ b/meta/recipes-connectivity/openssl/openssl_1.0.1e.bb
@@ -4,7 +4,7 @@ require openssl.inc
# if they are available.
DEPENDS += "cryptodev-linux"
-CFLAG += "-DHAVE_CRYPTODEV -DUSE_CRYPTODEV_DIGESTS"
+CFLAG += "-DHAVE_CRYPTODEV -DUSE_CRYPTODEV_DIGESTS -DOPENSSL_NO_HEARTBEATS"
PR = "${INC_PR}.0"
--
1.8.3.1
More information about the Openembedded-core
mailing list