From: Joshua Lock <joshua.g.lock@intel.com>
To: openembedded-core@lists.openembedded.org
Subject: [fido][PATCH 0/1] Fido OpenSSL security upgrade
Date: Wed, 11 May 2016 14:18:03 +0100 [thread overview]
Message-ID: <cover.1462972531.git.joshua.g.lock@intel.com> (raw)
Backport a patch from jethro for an OpenSSL upgrade to ensure recent CVE
fixes are included.
The following changes since commit fd27f8620ae4d95dfe07b27eee4256b0a128348a:
gtk+_2.24.25: backport a fix for building with newer host perl (2016-05-06 15:51:15 +0100)
are available in the git repository at:
git://git.openembedded.org/openembedded-core-contrib joshuagl/fido-next
http://cgit.openembedded.org/cgit.cgi/openembedded-core-contrib/log/?h=joshuagl/fido-next
Robert Yang (1):
openssl: 1.0.2d -> 1.0.2h (mainly for CVEs)
.../openssl/0001-Add-test-for-CVE-2015-3194.patch | 66 ---
...64-mont5.pl-fix-carry-propagating-bug-CVE.patch | 101 ----
.../CVE-2015-3194-1-Add-PSS-parameter-check.patch | 45 --
...CVE-2015-3195-Fix-leak-with-ASN.1-combine.patch | 66 ---
.../openssl/openssl/CVE-2015-3197.patch | 63 ---
.../openssl/openssl/CVE-2016-0701_1.patch | 102 ----
.../openssl/openssl/CVE-2016-0701_2.patch | 156 ------
.../openssl/openssl/CVE-2016-0800.patch | 198 -------
.../openssl/openssl/CVE-2016-0800_2.patch | 592 ---------------------
.../openssl/openssl/CVE-2016-0800_3.patch | 503 -----------------
.../openssl/crypto_use_bigint_in_x86-64_perl.patch | 14 +-
.../openssl/debian1.0.2/block_diginotar.patch | 17 +-
.../{debian => debian1.0.2}/version-script.patch | 35 +-
...-pointer-dereference-in-EVP_DigestInit_ex.patch | 14 +-
.../{openssl_1.0.2d.bb => openssl_1.0.2h.bb} | 18 +-
15 files changed, 40 insertions(+), 1950 deletions(-)
delete mode 100644 meta/recipes-connectivity/openssl/openssl/0001-Add-test-for-CVE-2015-3194.patch
delete mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2015-3193-bn-asm-x86_64-mont5.pl-fix-carry-propagating-bug-CVE.patch
delete mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2015-3194-1-Add-PSS-parameter-check.patch
delete mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2015-3195-Fix-leak-with-ASN.1-combine.patch
delete mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2015-3197.patch
delete mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2016-0701_1.patch
delete mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2016-0701_2.patch
delete mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2016-0800.patch
delete mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2016-0800_2.patch
delete mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2016-0800_3.patch
rename meta/recipes-connectivity/openssl/openssl/{debian => debian1.0.2}/version-script.patch (99%)
rename meta/recipes-connectivity/openssl/{openssl_1.0.2d.bb => openssl_1.0.2h.bb} (67%)
--
2.5.5
next reply other threads:[~2016-05-11 13:18 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-05-11 13:18 Joshua Lock [this message]
2016-05-11 22:27 ` [fido][PATCH 0/1] Fido OpenSSL security upgrade Martin Jansa
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1462972531.git.joshua.g.lock@intel.com \
--to=joshua.g.lock@intel.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox