On 15 November 2016 at 19:43, T.O. Radzy Radzykewycz <ra...@windriver.com> wrote:
> .../recipes-connectivity/openssl/openssl_1.0.2h.bb | 1 + > oe-core master is on openssl 1.0.2j now, so please rebase. > 2 files changed, 60 insertions(+) > create mode 100644 meta/recipes-connectivity/openssl/openssl/Use-SHA256- > not-MD5-as-default-digest.patch > > diff --git a/meta/recipes-connectivity/openssl/openssl/Use-SHA256- > not-MD5-as-default-digest.patch b/meta/recipes-connectivity/ > openssl/openssl/Use-SHA256-not-MD5-as-default-digest.patch > new file mode 100644 > index 000000000000..766af67e1db9 > --- /dev/null > +++ b/meta/recipes-connectivity/openssl/openssl/Use-SHA256- > not-MD5-as-default-digest.patch > @@ -0,0 +1,59 @@ > +From d795f5f20a29adecf92c09459a3ee07ffac01a99 Mon Sep 17 00:00:00 2001 > +From: Rich Salz <rs...@akamai.com> > +Date: Sat, 13 Jun 2015 17:03:39 -0400 > +Subject: [PATCH] Use SHA256 not MD5 as default digest. > + > +Commit f8547f62c212837dbf44fb7e2755e5774a59a57b upstream. > + > +Upstream Status: Backport > I'm such a pedant but we do have automated tooling around this, so please use "Upstream-Status". Also adding a CVE tag in the patch (CVE: CVE-2004-2761) would be appreciated for tracking. Ross
-- _______________________________________________ Openembedded-core mailing list Openembedded-core@lists.openembedded.org http://lists.openembedded.org/mailman/listinfo/openembedded-core
