[OE-core] [PATCH 3/3] nettle: Security fix CVE-2015-8804
Burton, Ross
ross.burton at intel.com
Tue Feb 9 14:30:08 UTC 2016
On 9 February 2016 at 10:33, Alexander Kanavin <
alexander.kanavin at linux.intel.com> wrote:
> On 02/09/2016 03:29 AM, Armin Kuster wrote:
>
>> From: Armin Kuster <akuster at mvista.com>
>>
>> Signed-off-by: Armin Kuster <akuster at mvista.com>
>> ---
>> .../nettle/nettle-3.1.1/CVE-2015-8804.patch | 281
>> +++++++++++++++++++++
>> meta/recipes-support/nettle/nettle_3.1.1.bb | 1 +
>>
>
> Why not update to latest upstream (3.2) instead?
Yes, if both of these CVEs are fixed in 3.2 then master should upgrade
(with stable branches getting the patches if deemed severe enough).
Ross
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openembedded.org/pipermail/openembedded-core/attachments/20160209/69087764/attachment-0002.html>
More information about the Openembedded-core
mailing list