[PATCH 0/1] openssl upgrade

Openembedded Core Discussions
 help / color / mirror / Atom feed

From: Cristiana Voicu <cristiana.voicu@intel.com>
To: openembedded-core@lists.openembedded.org
Subject: [PATCH 0/1] openssl upgrade
Date: Tue,  8 Apr 2014 14:49:47 +0300	[thread overview]
Message-ID: <cover.1396957462.git.cristiana.voicu@intel.com> (raw)

The trigger for the upgrade was the serious "heartbleed" vulnerability (CVE-2014-0160). 
More information: http://www.itnews.com.au/News/382068,serious-openssl-bug-renders-websites-wide-open.aspx
Tested locally on a core-image-sato. Tested with  openssl speed benchmark and
commands like version and help.
I am currently building on localautobuilder on major archs, but this will take some time.
I will announce in case of failure.

The following changes since commit bb66113bde5361b869dce2bdaece5b938f077ea8:

  bitbake: fetch2: Fix bug in file checksum generation (2014-04-06 11:31:26 +0100)

are available in the git repository at:

  git://git.yoctoproject.org/poky-contrib cvoicu/openssl-upgrade
  http://git.yoctoproject.org/cgit.cgi/poky-contrib/log/?h=cvoicu/openssl-upgrade

Cristiana Voicu (1):
  openssl: Upgrade to v1.0.1g

 ...DTLS-retransmission-from-previous-session.patch |   81 ------
 ...or-TLS-record-tampering-bug-CVE-2013-4353.patch |   31 ---
 ...e-version-in-SSL_METHOD-not-SSL-structure.patch |   33 ---
 meta/recipes-connectivity/openssl/openssl.inc      |    3 -
 .../configure-targets.patch                        |    0
 .../debian/c_rehash-compat.patch                   |    0
 .../{openssl-1.0.1e => openssl}/debian/ca.patch    |    0
 .../debian/debian-targets.patch                    |    0
 .../debian/make-targets.patch                      |    0
 .../debian/man-dir.patch                           |    0
 .../debian/man-section.patch                       |    0
 .../debian/no-rpath.patch                          |    0
 .../debian/no-symbolic.patch                       |    0
 .../{openssl-1.0.1e => openssl}/debian/pic.patch   |    0
 .../debian/version-script.patch                    |    0
 .../engines-install-in-libdir-ssl.patch            |    0
 .../openssl/{openssl-1.0.1e => openssl}/find.pl    |    0
 .../fix-cipher-des-ede3-cfb1.patch                 |    0
 .../initial-aarch64-bits.patch                     |  108 ++++----
 .../{openssl-1.0.1e => openssl}/oe-ldflags.patch   |    0
 ...-pointer-dereference-in-EVP_DigestInit_ex.patch |    0
 ...NULL-pointer-dereference-in-dh_pub_encode.patch |    0
 .../openssl-fix-des.pod-error.patch                |    0
 .../openssl-fix-doc.patch                          |  280 +++++++++-----------
 .../openssl-fix-link.patch                         |    0
 .../openssl_fix_for_x32.patch                      |    0
 .../{openssl-1.0.1e => openssl}/shared-libs.patch  |    0
 .../{openssl_1.0.1e.bb => openssl_1.0.1g.bb}       |    9 +-
 28 files changed, 183 insertions(+), 362 deletions(-)
 delete mode 100644 meta/recipes-connectivity/openssl/openssl-1.0.1e/0001-Fix-DTLS-retransmission-from-previous-session.patch
 delete mode 100644 meta/recipes-connectivity/openssl/openssl-1.0.1e/0001-Fix-for-TLS-record-tampering-bug-CVE-2013-4353.patch
 delete mode 100644 meta/recipes-connectivity/openssl/openssl-1.0.1e/0001-Use-version-in-SSL_METHOD-not-SSL-structure.patch
 rename meta/recipes-connectivity/openssl/{openssl-1.0.1e => openssl}/configure-targets.patch (100%)
 rename meta/recipes-connectivity/openssl/{openssl-1.0.1e => openssl}/debian/c_rehash-compat.patch (100%)
 rename meta/recipes-connectivity/openssl/{openssl-1.0.1e => openssl}/debian/ca.patch (100%)
 rename meta/recipes-connectivity/openssl/{openssl-1.0.1e => openssl}/debian/debian-targets.patch (100%)
 rename meta/recipes-connectivity/openssl/{openssl-1.0.1e => openssl}/debian/make-targets.patch (100%)
 rename meta/recipes-connectivity/openssl/{openssl-1.0.1e => openssl}/debian/man-dir.patch (100%)
 rename meta/recipes-connectivity/openssl/{openssl-1.0.1e => openssl}/debian/man-section.patch (100%)
 rename meta/recipes-connectivity/openssl/{openssl-1.0.1e => openssl}/debian/no-rpath.patch (100%)
 rename meta/recipes-connectivity/openssl/{openssl-1.0.1e => openssl}/debian/no-symbolic.patch (100%)
 rename meta/recipes-connectivity/openssl/{openssl-1.0.1e => openssl}/debian/pic.patch (100%)
 rename meta/recipes-connectivity/openssl/{openssl-1.0.1e => openssl}/debian/version-script.patch (100%)
 rename meta/recipes-connectivity/openssl/{openssl-1.0.1e => openssl}/engines-install-in-libdir-ssl.patch (100%)
 rename meta/recipes-connectivity/openssl/{openssl-1.0.1e => openssl}/find.pl (100%)
 rename meta/recipes-connectivity/openssl/{openssl-1.0.1e => openssl}/fix-cipher-des-ede3-cfb1.patch (100%)
 rename meta/recipes-connectivity/openssl/{openssl-1.0.1e => openssl}/initial-aarch64-bits.patch (43%)
 rename meta/recipes-connectivity/openssl/{openssl-1.0.1e => openssl}/oe-ldflags.patch (100%)
 rename meta/recipes-connectivity/openssl/{openssl-1.0.1e => openssl}/openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch (100%)
 rename meta/recipes-connectivity/openssl/{openssl-1.0.1e => openssl}/openssl-avoid-NULL-pointer-dereference-in-dh_pub_encode.patch (100%)
 rename meta/recipes-connectivity/openssl/{openssl-1.0.1e => openssl}/openssl-fix-des.pod-error.patch (100%)
 rename meta/recipes-connectivity/openssl/{openssl-1.0.1e => openssl}/openssl-fix-doc.patch (47%)
 rename meta/recipes-connectivity/openssl/{openssl-1.0.1e => openssl}/openssl-fix-link.patch (100%)
 rename meta/recipes-connectivity/openssl/{openssl-1.0.1e => openssl}/openssl_fix_for_x32.patch (100%)
 rename meta/recipes-connectivity/openssl/{openssl-1.0.1e => openssl}/shared-libs.patch (100%)
 rename meta/recipes-connectivity/openssl/{openssl_1.0.1e.bb => openssl_1.0.1g.bb} (81%)

-- 
1.7.9.5

next             reply	other threads:[~2014-04-08 11:54 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2014-04-08 11:49 Cristiana Voicu [this message]
2014-04-08 11:49 ` [PATCH 1/1] openssl: Upgrade to v1.0.1g Cristiana Voicu
  -- strict thread matches above, loose matches on Subject: below --
2014-08-10 16:06 [PATCH 0/1] OpenSSL upgrade Paul Eggleton
2012-07-20 15:38 [PATCH 0/1] openssl upgrade Scott Garman
2012-07-23 18:12 ` Saul Wold

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=cover.1396957462.git.cristiana.voicu@intel.com \
    --to=cristiana.voicu@intel.com \
    --cc=openembedded-core@lists.openembedded.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox