[OE-core] [jethro][PATCH 0/2] Consolidated security pull request
Joshua Lock
joshua.g.lock at intel.com
Thu Mar 3 10:32:38 UTC 2016
This pull request picks up a couple of outstanding Jethro security fixes which
are also required for the fido branch. Note: the wpa-supplicant change isn't
required for master and an equivelant openssl fix is queued for master.
Please consider them for merging.
Regards,
Joshua
The following changes since commit 0c702756dd0009c4112028fbf2479a346867b32c:
build-appliance-image: Update to jethro head revision (2016-02-24 09:04:05 +0000)
are available in the git repository at:
git://git.openembedded.org/openembedded-core-contrib joshuagl/jethro
http://cgit.openembedded.org/cgit.cgi/openembedded-core-contrib/log/?h=joshuagl/jethro
Armin Kuster (1):
openssl: Security fix CVE-2016-0800
Hongxu Jia (1):
wpa-supplicant: Fix CVE-2015-8041
.../openssl/openssl/CVE-2016-0800.patch | 198 +++++++
.../openssl/openssl/CVE-2016-0800_2.patch | 592 +++++++++++++++++++++
.../openssl/openssl/CVE-2016-0800_3.patch | 503 +++++++++++++++++
.../recipes-connectivity/openssl/openssl_1.0.2d.bb | 3 +
...load-length-validation-in-NDEF-record-par.patch | 64 +++
.../wpa-supplicant/wpa-supplicant_2.4.bb | 1 +
6 files changed, 1361 insertions(+)
create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2016-0800.patch
create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2016-0800_2.patch
create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2016-0800_3.patch
create mode 100644 meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-NFC-Fix-payload-length-validation-in-NDEF-record-par.patch
--
2.5.0
More information about the Openembedded-core
mailing list