]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: a3ee9cc) | patch
openssl: upgrade to 1.0.1h
authorPaul Eggleton <paul.eggleton@linux.intel.com>
Mon, 9 Jun 2014 09:36:34 +0000 (10:36 +0100)
committerPaul Eggleton <paul.eggleton@linux.intel.com>
Mon, 9 Jun 2014 12:53:56 +0000 (13:53 +0100)
commita3e80de6d423c272a287bf3538196b48ac5ddec1
treeee62837f00a8b8264c847334488420a751668dactree | snapshot
parenta3ee9cc7aebaecfa2223552a2c1865a9337de664commit | diff
openssl: upgrade to 1.0.1h

Fixes the following security issues:

* CVE-2014-0224
* CVE-2014-0221
* CVE-2014-0195
* CVE-2014-3470

The patch for CVE-2010-5298, CVE-2014-0198 and a fix for building the
documentation are integrated upstream in this release and so were
dropped. Additionally, a patch from upstream was added in order to
fix a failure during do_compile_ptest_base.

A similar upgrade was also submitted by Yao Xinpan <yaoxp@cn.fujitsu.com>
and Lei Maohui <leimaohui@cn.fujitsu.com>.

Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
meta/recipes-connectivity/openssl/openssl/heartbeat-test-private-api.patch [new file with mode: 0644] blob
meta/recipes-connectivity/openssl/openssl/openssl-CVE-2010-5298.patch [deleted file] blob | history
meta/recipes-connectivity/openssl/openssl/openssl-CVE-2014-0198-fix.patch [deleted file] blob | history
meta/recipes-connectivity/openssl/openssl/openssl-fix-doc.patch [deleted file] blob | history
meta/recipes-connectivity/openssl/openssl_1.0.1h.bb [moved from meta/recipes-connectivity/openssl/openssl_1.0.1g.bb with 86% similarity] diff | blob | history
Mirror of the official openembedded-core repository