[OE-core] [fido][PATCH 0/1] Fido OpenSSL security upgrade

[Joshua Lock]

Backport a patch from jethro for an OpenSSL upgrade to ensure recent CVE
fixes are included.

The following changes since commit fd27f8620ae4d95dfe07b27eee4256b0a128348a:

  gtk+_2.24.25: backport a fix for building with newer host perl (2016-05-06 15:51:15 +0100)

are available in the git repository at:

  git://git.openembedded.org/openembedded-core-contrib joshuagl/fido-next
  http://cgit.openembedded.org/cgit.cgi/openembedded-core-contrib/log/?h=joshuagl/fido-next

Robert Yang (1):
  openssl: 1.0.2d -> 1.0.2h (mainly for CVEs)

 .../openssl/0001-Add-test-for-CVE-2015-3194.patch  |  66 ---
 ...64-mont5.pl-fix-carry-propagating-bug-CVE.patch | 101 ----
 .../CVE-2015-3194-1-Add-PSS-parameter-check.patch  |  45 --
 ...CVE-2015-3195-Fix-leak-with-ASN.1-combine.patch |  66 ---
 .../openssl/openssl/CVE-2015-3197.patch            |  63 ---
 .../openssl/openssl/CVE-2016-0701_1.patch          | 102 ----
 .../openssl/openssl/CVE-2016-0701_2.patch          | 156 ------
 .../openssl/openssl/CVE-2016-0800.patch            | 198 -------
 .../openssl/openssl/CVE-2016-0800_2.patch          | 592 ---------------------
 .../openssl/openssl/CVE-2016-0800_3.patch          | 503 -----------------
 .../openssl/crypto_use_bigint_in_x86-64_perl.patch |  14 +-
 .../openssl/debian1.0.2/block_diginotar.patch      |  17 +-
 .../{debian => debian1.0.2}/version-script.patch   |  35 +-
 ...-pointer-dereference-in-EVP_DigestInit_ex.patch |  14 +-
 .../{openssl_1.0.2d.bb => openssl_1.0.2h.bb}       |  18 +-
 15 files changed, 40 insertions(+), 1950 deletions(-)
 delete mode 100644 meta/recipes-connectivity/openssl/openssl/0001-Add-test-for-CVE-2015-3194.patch
 delete mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2015-3193-bn-asm-x86_64-mont5.pl-fix-carry-propagating-bug-CVE.patch
 delete mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2015-3194-1-Add-PSS-parameter-check.patch
 delete mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2015-3195-Fix-leak-with-ASN.1-combine.patch
 delete mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2015-3197.patch
 delete mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2016-0701_1.patch
 delete mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2016-0701_2.patch
 delete mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2016-0800.patch
 delete mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2016-0800_2.patch
 delete mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2016-0800_3.patch
 rename meta/recipes-connectivity/openssl/openssl/{debian => debian1.0.2}/version-script.patch (99%)
 rename meta/recipes-connectivity/openssl/{openssl_1.0.2d.bb => openssl_1.0.2h.bb} (67%)

-- 
2.5.5