[OE-core] [daisy][PATCH 0/5] OpenSSL CVE fixes for the daisy branch
Paul Eggleton
paul.eggleton at linux.intel.com
Mon Jun 9 15:51:15 UTC 2014
NOTE: These patches needs to be applied *after* the OpenSSL
CVE-2010-5298 patch fix in Saul's pending daisy series (which is in
the branch for this pull request or it would not work otherwise.)
The following changes since commit:
openssl: add openssl-CVE-2010-5298.patch SRC_URI (2014-06-09 14:11:54 +0100)
are available in the git repository at:
git://git.openembedded.org/openembedded-core-contrib paule/openssl-daisy
http://cgit.openembedded.org/cgit.cgi/openembedded-core-contrib/log/?h=paule/openssl-daisy
Paul Eggleton (5):
openssl: fix CVE-2014-0195
openssl: use upstream fix for CVE-2014-0198
openssl: fix CVE-2014-0221
openssl: fix CVE-2014-0224
openssl: fix CVE-2014-3470
.../openssl/openssl-1.0.1e-cve-2014-0195.patch | 40 ++++++++
.../openssl/openssl-1.0.1e-cve-2014-0198.patch | 38 ++++++++
.../openssl/openssl-1.0.1e-cve-2014-0221.patch | 38 ++++++++
.../openssl/openssl-1.0.1e-cve-2014-0224.patch | 103 +++++++++++++++++++++
.../openssl/openssl-1.0.1e-cve-2014-3470.patch | 31 +++++++
.../openssl/openssl-CVE-2014-0198-fix.patch | 23 -----
.../recipes-connectivity/openssl/openssl_1.0.1g.bb | 6 +-
7 files changed, 255 insertions(+), 24 deletions(-)
create mode 100644 meta/recipes-connectivity/openssl/openssl/openssl-1.0.1e-cve-2014-0195.patch
create mode 100644 meta/recipes-connectivity/openssl/openssl/openssl-1.0.1e-cve-2014-0198.patch
create mode 100644 meta/recipes-connectivity/openssl/openssl/openssl-1.0.1e-cve-2014-0221.patch
create mode 100644 meta/recipes-connectivity/openssl/openssl/openssl-1.0.1e-cve-2014-0224.patch
create mode 100644 meta/recipes-connectivity/openssl/openssl/openssl-1.0.1e-cve-2014-3470.patch
delete mode 100644 meta/recipes-connectivity/openssl/openssl/openssl-CVE-2014-0198-fix.patch
--
1.9.3
More information about the Openembedded-core
mailing list