]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: 50050c9) | patch
openssl: fix CVE-2014-3470
authorPaul Eggleton <paul.eggleton@linux.intel.com>
Mon, 9 Jun 2014 10:29:30 +0000 (11:29 +0100)
committerPaul Eggleton <paul.eggleton@linux.intel.com>
Mon, 9 Jun 2014 12:57:13 +0000 (13:57 +0100)
commit299de5ea53446bc211e6aadf158d6ef7576384ab
tree6a8e06f59bc0b49b07fee305f8e7972a8eb9a575tree | snapshot
parent50050c9c2449d14a0d3da91eed5d16cddce9cf76commit | diff
openssl: fix CVE-2014-3470

From the OpenSSL Security Advisory [05 Jun 2014]
http://www.openssl.org/news/secadv_20140605.txt

Anonymous ECDH denial of service (CVE-2014-3470)

OpenSSL TLS clients enabling anonymous ECDH ciphersuites are subject to a
denial of service attack.

(Patch borrowed from Fedora.)

Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
meta/recipes-connectivity/openssl/openssl-1.0.1e/openssl-1.0.1e-cve-2014-3470.patch [new file with mode: 0644] blob
meta/recipes-connectivity/openssl/openssl_1.0.1e.bb diff | blob | history
Mirror of the official openembedded-core repository