Hi Ross > There's a openssl 1.0.1j out now (fixing FOUR (!) CVEs, including "disabling > SSLv3 didn't work"...). I think considering the situation we'd take the > upgrade for dizzy, even though we've frozen. Anyone volunteering to take > lead of upgrading dizzy to 1.0.1j and backporting the relevant patches to the > previous releases? (eg daisy is on 1.0.1g). > > Ross
Sorry, I missed this, I am preparing patches for daisy. I have sent two patches to OE-core list for daisy and I will sent two more. Does those two patches look ok? I have built core-image-minimal for qemuarm and booted. I haven't done more tests to verify the fixes. I will search and see if I can find suitable tests so we can run proper tests at the end after applying all patches. -- Sona -- _______________________________________________ yocto mailing list yocto@yoctoproject.org https://lists.yoctoproject.org/listinfo/yocto
