Openembedded Core Discussions
From: Richard Purdie <richard.purdie@linuxfoundation.org>
To: akuster808 <akuster808@gmail.com>, Martin Jansa <martin.jansa@gmail.com>
Cc: openembedded-core@lists.openembedded.org
Subject: Re: [master][krogoth][PATCH] openssl: Security fix via update to 1.0.2h
Date: Sat, 14 May 2016 09:36:14 +0100
Message-ID: <1463214974.9746.146.camel@linuxfoundation.org>
In-Reply-To: <5736340E.1010401@gmail.com>

On Fri, 2016-05-13 at 13:07 -0700, akuster808 wrote:
> 
> On 05/13/2016 07:31 AM, Martin Jansa wrote:
> > On Wed, May 11, 2016 at 03:37:59AM -0700, akuster808 wrote:
> > > Robert,
> > > 
> > > 
> > > On 05/10/2016 11:22 PM, Robert Yang wrote:
> > > > 
> > > > 
> > > > On 05/04/2016 07:46 AM, Armin Kuster wrote:
> > > > > From: Armin Kuster <akuster@mvista.com>
> > > > > 
> > > > > CVE-2016-2105
> > > > > CVE-2016-2106
> > > > > CVE-2016-2109
> > > > > CVE-2016-2176
> > > > > 
> > > > > https://www.openssl.org/news/secadv/20160503.txt
> > > > > 
> > > > > fixup openssl-avoid-NULL-pointer-dereference-in
> > > > > -EVP_DigestInit_ex.patch
> > > > > 
> > > > > drop crypto_use_bigint_in_x86-64_perl.patch as that fix is in
> > > > > latest.
> > > > 
> > > > After I looked into the code, it seems that this patch is not
> > > > in latest
> > > > code ?
> > > 
> > > hmm, my old eyes deceive me.
> > > 
> > > thanks for checking.
> > > 
> > > I will send a correction.
> > 
> > 1.0.2h is already in fido, jethro and master, can we quickly get it
> > to krogoth
> > which is still using older version 1.0.2g?
> 
> this hit master 2 days ago. I just sync'd changes over to krogoth and
> am
> doing sanity checks.  The last time I backported something before
> master
> folks got the shorts-in-a-twist.
> 
> > 
> > It's always strange to see recipe version downgrades when upgrading
> > to
> > newer Yocto release.
> 
> yes it is. I have no control when the other maintainers do their
> merges.

I should explain that in this case we had 1.8.2 pretty much ready to
go, then the openssl issue came to light. I therefore fast tracked that
merge on the basis that getting it into the release and a build into QA
was "a good thing", and on the assumption that getting this into jethro
would follow quickly.

In general we do follow the waterfall model and this was an exception
to the rule, purely to try and help my sanity and keep builds/releases
moving.

Cheers,

Richard

