[OE-core] [PATCH 0/1] [jethro] openssl: 1.0.2d -> 1.0.2h (mainly for CVEs)

Wed May 11 10:39:22 UTC 2016

On 05/11/2016 12:43 AM, Robert Yang wrote:
> The following changes since commit 69b49e8dc45cf60defba547d93e663df42c92127:
> 
>   boot-directdisk.bbclass: remove HDDIMG before create (2016-05-09 14:37:19 +0100)
> 
> are available in the git repository at:
> 
>   git://git.openembedded.org/openembedded-core-contrib rbt/openssl
>   http://cgit.openembedded.org/cgit.cgi/openembedded-core-contrib/log/?h=rbt/openssl
> 
> Robert Yang (1):
>   openssl: 1.0.2d -> 1.0.2h (mainly for CVEs)

Thank you. that saved my some work.

- armin

> 
>  .../openssl/0001-Add-test-for-CVE-2015-3194.patch  |  66 ---
>  ...64-mont5.pl-fix-carry-propagating-bug-CVE.patch | 101 ----
>  .../CVE-2015-3194-1-Add-PSS-parameter-check.patch  |  45 --
>  ...CVE-2015-3195-Fix-leak-with-ASN.1-combine.patch |  66 ---
>  .../openssl/openssl/CVE-2015-3197.patch            |  63 ---
>  .../openssl/openssl/CVE-2016-0701_1.patch          | 102 ----
>  .../openssl/openssl/CVE-2016-0701_2.patch          | 156 ------
>  .../openssl/openssl/CVE-2016-0800.patch            | 198 -------
>  .../openssl/openssl/CVE-2016-0800_2.patch          | 592 ---------------------
>  .../openssl/openssl/CVE-2016-0800_3.patch          | 503 -----------------
>  .../openssl/crypto_use_bigint_in_x86-64_perl.patch |  14 +-
>  .../openssl/debian1.0.2/block_diginotar.patch      |  17 +-
>  .../{debian => debian1.0.2}/version-script.patch   |  35 +-
>  ...-pointer-dereference-in-EVP_DigestInit_ex.patch |  14 +-
>  .../{openssl_1.0.2d.bb => openssl_1.0.2h.bb}       |  18 +-
>  15 files changed, 40 insertions(+), 1950 deletions(-)
>  delete mode 100644 meta/recipes-connectivity/openssl/openssl/0001-Add-test-for-CVE-2015-3194.patch
>  delete mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2015-3193-bn-asm-x86_64-mont5.pl-fix-carry-propagating-bug-CVE.patch
>  delete mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2015-3194-1-Add-PSS-parameter-check.patch
>  delete mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2015-3195-Fix-leak-with-ASN.1-combine.patch
>  delete mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2015-3197.patch
>  delete mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2016-0701_1.patch
>  delete mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2016-0701_2.patch
>  delete mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2016-0800.patch
>  delete mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2016-0800_2.patch
>  delete mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2016-0800_3.patch
>  rename meta/recipes-connectivity/openssl/openssl/{debian => debian1.0.2}/version-script.patch (99%)
>  rename meta/recipes-connectivity/openssl/{openssl_1.0.2d.bb => openssl_1.0.2h.bb} (73%)
> 