On Thu, Feb 09, 2023 at 08:08:00PM +0530, Siddharth wrote:
> From: Siddharth Doshi <sdo...@mvista.com>
>
> OpenSSL 3.0.8 fixes 1 HIGH level security vulnerability and 7 MODERATE level
> security vulnerability [1].
>
> Upgrade the recipe to point to 3.0.8.
>
> CVE-2022-3996 is reported fixed in 3.0.8, so drop the patch for that as
> well.
>
> [1] https://www.openssl.org/news/vulnerabilities.html
>
> CVEs Fixed:
> https://www.openssl.org/news/secadv/20230207.txt
>
> Signed-off-by: Siddharth Doshi <sdo...@mvista.com>
Hi Siddharth,
thanks for the patch.
Tested-by: Richard Leitner <richard.leit...@skidata.com>
> ---
> .../openssl/openssl/CVE-2022-3996.patch | 43 -------------------
> .../{openssl_3.0.7.bb => openssl_3.0.8.bb} | 3 +-
> 2 files changed, 1 insertion(+), 45 deletions(-)
> delete mode 100644
> meta/recipes-connectivity/openssl/openssl/CVE-2022-3996.patch
> rename meta/recipes-connectivity/openssl/{openssl_3.0.7.bb =>
> openssl_3.0.8.bb} (98%)
regards;rl
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#177181):
https://lists.openembedded.org/g/openembedded-core/message/177181
Mute This Topic: https://lists.openembedded.org/mt/96853907/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
