[OE-core] [PATCH] openssl: update 1.0.2e -> 1.0.2f ( CVE-2016-0701 CVE-2015-3197 )
Andre McCurdy
armccurdy at gmail.com
Thu Jan 28 20:55:45 UTC 2016
Major changes between OpenSSL 1.0.2e and OpenSSL 1.0.2f [28 Jan 2016]
o DH small subgroups (CVE-2016-0701)
o SSLv2 doesn't block disabled ciphers (CVE-2015-3197)
Updated LICENSE hash due to change in copyright year.
Signed-off-by: Andre McCurdy <armccurdy at gmail.com>
---
.../openssl/{openssl_1.0.2e.bb => openssl_1.0.2f.bb} | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
rename meta/recipes-connectivity/openssl/{openssl_1.0.2e.bb => openssl_1.0.2f.bb} (91%)
diff --git a/meta/recipes-connectivity/openssl/openssl_1.0.2e.bb b/meta/recipes-connectivity/openssl/openssl_1.0.2f.bb
similarity index 91%
rename from meta/recipes-connectivity/openssl/openssl_1.0.2e.bb
rename to meta/recipes-connectivity/openssl/openssl_1.0.2f.bb
index d2a265a..fbc78e1 100644
--- a/meta/recipes-connectivity/openssl/openssl_1.0.2e.bb
+++ b/meta/recipes-connectivity/openssl/openssl_1.0.2f.bb
@@ -6,7 +6,7 @@ DEPENDS += "cryptodev-linux"
CFLAG += "-DHAVE_CRYPTODEV -DUSE_CRYPTODEV_DIGESTS"
-LIC_FILES_CHKSUM = "file://LICENSE;md5=f9a8f968107345e0b75aa8c2ecaa7ec8"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=27ffa5d74bb5a337056c14b2ef93fbf6"
export DIRS = "crypto ssl apps engines"
export OE_LDFLAGS="${LDFLAGS}"
@@ -40,8 +40,8 @@ SRC_URI += "file://find.pl;subdir=${BP}/util/ \
file://configure-musl-target.patch \
"
-SRC_URI[md5sum] = "5262bfa25b60ed9de9f28d5d52d77fc5"
-SRC_URI[sha256sum] = "e23ccafdb75cfcde782da0151731aa2185195ac745eea3846133f2e05c0e0bff"
+SRC_URI[md5sum] = "b3bf73f507172be9292ea2a8c28b659d"
+SRC_URI[sha256sum] = "932b4ee4def2b434f85435d9e3e19ca8ba99ce9a065a61524b429a9d5e9b2e9c"
PACKAGES =+ "${PN}-engines"
FILES_${PN}-engines = "${libdir}/ssl/engines/*.so ${libdir}/engines"
--
1.9.1
More information about the Openembedded-core
mailing list