]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: fd1d740) | patch
openssl: fix CVE-2014-3470
authorPaul Eggleton <paul.eggleton@linux.intel.com>
Mon, 9 Jun 2014 15:51:20 +0000 (16:51 +0100)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Tue, 10 Jun 2014 16:10:35 +0000 (17:10 +0100)
commit595f2fc7dd642d729ab61f20a6719a2cc6c80426
tree6e0f3687ddbc11313953ff03df384b1a698340d7tree | snapshot
parentfd1d740437017d3ed75684768d6915041cdb0631commit | diff
openssl: fix CVE-2014-3470

http://www.openssl.org/news/secadv_20140605.txt

Anonymous ECDH denial of service (CVE-2014-3470)

OpenSSL TLS clients enabling anonymous ECDH ciphersuites are subject to a
denial of service attack.

(Patch borrowed from Fedora.)

Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
meta/recipes-connectivity/openssl/openssl/openssl-1.0.1e-cve-2014-3470.patch [new file with mode: 0644] blob
meta/recipes-connectivity/openssl/openssl_1.0.1g.bb diff | blob | history
Mirror of the official openembedded-core repository