]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: f19dbbc) | patch
openssl: fix CVE-2014-3470
authorPaul Eggleton <paul.eggleton@linux.intel.com>
Mon, 9 Jun 2014 15:53:47 +0000 (16:53 +0100)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Tue, 10 Jun 2014 16:05:53 +0000 (17:05 +0100)
commitfe4e278f1794dda2e1aded56360556fe933614ca
tree5db3ed9a4f63c9fa3e70df91256c793ee22aa771tree | snapshot
parentf19dbbc864b12b0f87248d3199296b41a0dcd5b0commit | diff
openssl: fix CVE-2014-3470

http://www.openssl.org/news/secadv_20140605.txt

Anonymous ECDH denial of service (CVE-2014-3470)

OpenSSL TLS clients enabling anonymous ECDH ciphersuites are subject to a
denial of service attack.

(Patch borrowed from Fedora.)

Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meta/recipes-connectivity/openssl/openssl-1.0.1e/openssl-1.0.1e-cve-2014-3470.patch [new file with mode: 0644] blob
meta/recipes-connectivity/openssl/openssl_1.0.1e.bb diff | blob | history
Mirror of the official openembedded-core repository