From: Brendan Le Foll <brendan.le.f...@intel.com> Due to recent security fixes it's advisable to update to the latest openssl version. I propose an update to 1.0.1m rather than simply patching the individual CVEs which is much more time consuming/error prone
This is exactly the same patch as for daisy since they share openssl version/patches Brendan Le Foll (1): openssl: Upgrade to 1.0.1m .../openssl/openssl/configure-targets.patch | 28 +++---- .../openssl/openssl/fix-cipher-des-ede3-cfb1.patch | 17 +++-- .../openssl/openssl/initial-aarch64-bits.patch | 87 ++++++++++++++-------- ...-pointer-dereference-in-EVP_DigestInit_ex.patch | 19 +++-- ...NULL-pointer-dereference-in-dh_pub_encode.patch | 39 ---------- .../openssl/openssl/openssl_fix_for_x32.patch | 83 ++++++++------------- .../recipes-connectivity/openssl/openssl_1.0.1j.bb | 57 -------------- .../recipes-connectivity/openssl/openssl_1.0.1m.bb | 56 ++++++++++++++ 8 files changed, 175 insertions(+), 211 deletions(-) delete mode 100644 meta/recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-dh_pub_encode.patch delete mode 100644 meta/recipes-connectivity/openssl/openssl_1.0.1j.bb create mode 100644 meta/recipes-connectivity/openssl/openssl_1.0.1m.bb -- 2.3.2 -- _______________________________________________ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core
