diff options
author | Ross Burton <ross.burton@intel.com> | 2017-03-14 12:49:47 +0000 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2017-03-14 14:32:27 +0000 |
commit | 8791800f84321b3f46772bc2d9e4f754e6213946 (patch) | |
tree | bbe89dae2c40bd74e6c7b027d0fcf3b0b1f33cb0 | |
parent | bf00e5e265d3f878d2af36a48d597ce477bd6f4f (diff) | |
download | openembedded-core-8791800f84321b3f46772bc2d9e4f754e6213946.tar.gz openembedded-core-8791800f84321b3f46772bc2d9e4f754e6213946.tar.bz2 openembedded-core-8791800f84321b3f46772bc2d9e4f754e6213946.zip |
openssl: actually apply Use-SHA256-not-MD5-as-default-digest.patch
This patch was added to fix a CVE, but wasn't actually added to SRC_URI:
CVE: CVE-2004-2761
The MD5 Message-Digest Algorithm is not collision resistant,
which makes it easier for context-dependent attackers to
conduct spoofing attacks, as demonstrated by attacks on the
use of MD5 in the signature algorithm of an X.509 certificate.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r-- | meta/recipes-connectivity/openssl/openssl_1.0.2k.bb | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/openssl/openssl_1.0.2k.bb b/meta/recipes-connectivity/openssl/openssl_1.0.2k.bb index 1973f81a24..922819b3d5 100644 --- a/meta/recipes-connectivity/openssl/openssl_1.0.2k.bb +++ b/meta/recipes-connectivity/openssl/openssl_1.0.2k.bb @@ -41,6 +41,7 @@ SRC_URI += "file://find.pl;subdir=${BP}/util/ \ file://configure-musl-target.patch \ file://parallel.patch \ file://openssl-util-perlpath.pl-cwd.patch \ + file://Use-SHA256-not-MD5-as-default-digest.patch \ " SRC_URI[md5sum] = "f965fc0bf01bf882b31314b61391ae65" SRC_URI[sha256sum] = "6b3977c61f2aedf0f96367dcfb5c6e578cf37e7b8d913b4ecb6643c3cb88d8c0" |