subject:"\[OE\-core\] \[rocko\]\[PATCH v3 3\/4\] openssl\: Upgrade 1.1.0f \-> 1.1.0g"

Re: [OE-core] [rocko][PATCH v3 3/4] openssl: Upgrade 1.1.0f -> 1.1.0g

2017-12-21 Thread Koen Kooi

> Op 19 dec. 2017, om 22:26 heeft Stefan Agner het volgende > geschreven: > > From: Stefan Agner > > Deals with two CVEs: > * bn_sqrx8x_internal carry bug on x86_64 (CVE-2017-3736) > * Malformed X.509 IPAddressFamily could cause OOB read (CVE-2017-3735) > > Signed-off-by: Stefan Agner > Ac

[OE-core] [rocko][PATCH v3 3/4] openssl: Upgrade 1.1.0f -> 1.1.0g

2017-12-19 Thread Stefan Agner

From: Stefan Agner Deals with two CVEs: * bn_sqrx8x_internal carry bug on x86_64 (CVE-2017-3736) * Malformed X.509 IPAddressFamily could cause OOB read (CVE-2017-3735) Signed-off-by: Stefan Agner Acked-by: Otavio Salvador --- .../openssl/{openssl_1.1.0f.bb => openssl_1.1.0g.bb}