code.ossystems Code Review - openembedded-core.git/commit

author	Robert Yang <liezhi.yang@windriver.com>
	Wed, 11 May 2016 07:43:28 +0000 (00:43 -0700)
committer	Joshua Lock <joshua.g.lock@intel.com>
	Wed, 11 May 2016 13:05:53 +0000 (14:05 +0100)
commit	6ed7c8a9f82bc173ae0cc8b494af5a2c838f08fc
tree	4505cd81a256a492dc2b5004185de4c91695b925	tree \| snapshot
parent	fd27f8620ae4d95dfe07b27eee4256b0a128348a	commit \| diff

openssl: 1.0.2d -> 1.0.2h (mainly for CVEs)

* CVEs:
  - CVE-2016-0705
  - CVE-2016-0798
  - CVE-2016-0797
  - CVE-2016-0799
  - CVE-2016-0702
  - CVE-2016-0703
  - CVE-2016-0704
  - CVE-2016-2105
  - CVE-2016-2106
  - CVE-2016-2109
  - CVE-2016-2176

* The LICENSE's checksum is changed because of date changes (2011 ->
  2016), the contents are the same.

* Remove backport patches
  - 0001-Add-test-for-CVE-2015-3194.patch
  - CVE-2015-3193-bn-asm-x86_64-mont5.pl-fix-carry-propagating-bug-CVE.patch
  - CVE-2015-3194-1-Add-PSS-parameter-check.patch
  - CVE-2015-3195-Fix-leak-with-ASN.1-combine.patch
  - CVE-2015-3197.patch
  - CVE-2016-0701_1.patch
  - CVE-2016-0701_2.patch
  - CVE-2016-0800.patch
  - CVE-2016-0800_2.patch
  - CVE-2016-0800_3.patch

* Update crypto_use_bigint_in_x86-64_perl.patch

* Add version-script.patch and update block_diginotar.patch (From master branch)

* Update openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch
  (From Armin)

(From OE-Core master rev: bca156013af0a98cb18d8156626b9acc8f9883e3)

Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>

meta/recipes-connectivity/openssl/openssl/0001-Add-test-for-CVE-2015-3194.patch	[deleted file]	blob \| history
meta/recipes-connectivity/openssl/openssl/CVE-2015-3193-bn-asm-x86_64-mont5.pl-fix-carry-propagating-bug-CVE.patch	[deleted file]	blob \| history
meta/recipes-connectivity/openssl/openssl/CVE-2015-3194-1-Add-PSS-parameter-check.patch	[deleted file]	blob \| history
meta/recipes-connectivity/openssl/openssl/CVE-2015-3195-Fix-leak-with-ASN.1-combine.patch	[deleted file]	blob \| history
meta/recipes-connectivity/openssl/openssl/CVE-2015-3197.patch	[deleted file]	blob \| history
meta/recipes-connectivity/openssl/openssl/CVE-2016-0701_1.patch	[deleted file]	blob \| history
meta/recipes-connectivity/openssl/openssl/CVE-2016-0701_2.patch	[deleted file]	blob \| history
meta/recipes-connectivity/openssl/openssl/CVE-2016-0800.patch	[deleted file]	blob \| history
meta/recipes-connectivity/openssl/openssl/CVE-2016-0800_2.patch	[deleted file]	blob \| history
meta/recipes-connectivity/openssl/openssl/CVE-2016-0800_3.patch	[deleted file]	blob \| history
meta/recipes-connectivity/openssl/openssl/crypto_use_bigint_in_x86-64_perl.patch		diff \| blob \| history
meta/recipes-connectivity/openssl/openssl/debian1.0.2/block_diginotar.patch		diff \| blob \| history
meta/recipes-connectivity/openssl/openssl/debian1.0.2/version-script.patch	[moved from meta/recipes-connectivity/openssl/openssl/debian/version-script.patch with 99% similarity]	diff \| blob \| history
meta/recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch		diff \| blob \| history
meta/recipes-connectivity/openssl/openssl_1.0.2h.bb	[moved from meta/recipes-connectivity/openssl/openssl_1.0.2d.bb with 67% similarity]	diff \| blob \| history