[jethro][PATCH 0/2] Consolidated security pull request

[jethro][PATCH 0/2] Consolidated security pull request

[Joshua Lock]

This pull request picks up a couple of outstanding Jethro security fixes which
are also required for the fido branch. Note: the wpa-supplicant change isn't
required for master and an equivelant openssl fix is queued for master.

Please consider them for merging.

Regards,

Joshua

The following changes since commit 0c702756dd0009c4112028fbf2479a346867b32c:

  build-appliance-image: Update to jethro head revision (2016-02-24 09:04:05 +0000)

are available in the git repository at:

  git://git.openembedded.org/openembedded-core-contrib joshuagl/jethro
  http://cgit.openembedded.org/cgit.cgi/openembedded-core-contrib/log/?h=joshuagl/jethro

Armin Kuster (1):
  openssl: Security fix CVE-2016-0800

Hongxu Jia (1):
  wpa-supplicant: Fix CVE-2015-8041

 .../openssl/openssl/CVE-2016-0800.patch            | 198 +++++++
 .../openssl/openssl/CVE-2016-0800_2.patch          | 592 +++++++++++++++++++++
 .../openssl/openssl/CVE-2016-0800_3.patch          | 503 +++++++++++++++++
 .../recipes-connectivity/openssl/openssl_1.0.2d.bb |   3 +
 ...load-length-validation-in-NDEF-record-par.patch |  64 +++
 .../wpa-supplicant/wpa-supplicant_2.4.bb           |   1 +
 6 files changed, 1361 insertions(+)
 create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2016-0800.patch
 create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2016-0800_2.patch
 create mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2016-0800_3.patch
 create mode 100644 meta/recipes-connectivity/wpa-supplicant/wpa-supplicant/0001-NFC-Fix-payload-length-validation-in-NDEF-record-par.patch

--
2.5.0