diff options
| author | Alexander Kanavin <alex.kanavin@gmail.com> | 2018-11-22 16:41:22 +0100 |
|---|---|---|
| committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2019-02-25 22:25:06 +0000 |
| commit | 572865e0d0a61e2096083edc622366e4ac9a8ad0 (patch) | |
| tree | 54255f0683bd2cc8f88aca2128ff781537e27d53 | |
| parent | eb875a7ecb74a9a63d81c64ec770ec65ed5d0211 (diff) | |
| download | openembedded-core-572865e0d0a61e2096083edc622366e4ac9a8ad0.tar.gz openembedded-core-572865e0d0a61e2096083edc622366e4ac9a8ad0.tar.bz2 openembedded-core-572865e0d0a61e2096083edc622366e4ac9a8ad0.zip | |
openssl10: update to 1.0.2q
(From OE-Core rev: 03149ca307282c22dd9ceb6fe3224bf586b03f6d)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
| -rw-r--r-- | meta/recipes-connectivity/openssl/openssl10/0001-fix-CVE-2018-0734.patch | 33 | ||||
| -rw-r--r-- | meta/recipes-connectivity/openssl/openssl10_1.0.2q.bb (renamed from meta/recipes-connectivity/openssl/openssl10_1.0.2p.bb) | 5 |
2 files changed, 2 insertions, 36 deletions
diff --git a/meta/recipes-connectivity/openssl/openssl10/0001-fix-CVE-2018-0734.patch b/meta/recipes-connectivity/openssl/openssl10/0001-fix-CVE-2018-0734.patch deleted file mode 100644 index b9865a69b5..0000000000 --- a/meta/recipes-connectivity/openssl/openssl10/0001-fix-CVE-2018-0734.patch +++ /dev/null @@ -1,33 +0,0 @@ -CVE: CVE-2018-0734 - -Upstream-Status: Backport - -Signed-off-by: Kai Kang <kai.kang@windriver.com> - -From 43e6a58d4991a451daf4891ff05a48735df871ac Mon Sep 17 00:00:00 2001 -From: Pauli <paul.dale@oracle.com> -Date: Mon, 29 Oct 2018 08:24:22 +1000 -Subject: [PATCH] Merge DSA reallocation timing fix CVE-2018-0734. - -Reviewed-by: Richard Levitte <levitte@openssl.org> -(Merged from https://github.com/openssl/openssl/pull/7513) ---- - crypto/dsa/dsa_ossl.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/crypto/dsa/dsa_ossl.c b/crypto/dsa/dsa_ossl.c -index 2dcfedeeee..100e269268 100644 ---- a/crypto/dsa/dsa_ossl.c -+++ b/crypto/dsa/dsa_ossl.c -@@ -279,7 +279,7 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, - goto err; - - /* Preallocate space */ -- q_bits = BN_num_bits(dsa->q); -+ q_bits = BN_num_bits(dsa->q) + sizeof(dsa->q->d[0]) * 16; - if (!BN_set_bit(&k, q_bits) - || !BN_set_bit(&l, q_bits) - || !BN_set_bit(&m, q_bits)) --- -2.17.0 - diff --git a/meta/recipes-connectivity/openssl/openssl10_1.0.2p.bb b/meta/recipes-connectivity/openssl/openssl10_1.0.2q.bb index 0925af3456..9d67053b7a 100644 --- a/meta/recipes-connectivity/openssl/openssl10_1.0.2p.bb +++ b/meta/recipes-connectivity/openssl/openssl10_1.0.2q.bb @@ -40,7 +40,6 @@ SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \ file://0001-Fix-build-with-clang-using-external-assembler.patch \ file://0001-openssl-force-soft-link-to-avoid-rare-race.patch \ file://0001-allow-manpages-to-be-disabled.patch \ - file://0001-fix-CVE-2018-0734.patch \ " SRC_URI_append_class-target = " \ @@ -52,8 +51,8 @@ SRC_URI_append_class-nativesdk = " \ file://environment.d-openssl.sh \ " -SRC_URI[md5sum] = "ac5eb30bf5798aa14b1ae6d0e7da58df" -SRC_URI[sha256sum] = "50a98e07b1a89eb8f6a99477f262df71c6fa7bef77df4dc83025a2845c827d00" +SRC_URI[md5sum] = "7563e1ce046cb21948eeb6ba1a0eb71c" +SRC_URI[sha256sum] = "5744cfcbcec2b1b48629f7354203bc1e5e9b5466998bbccc5b5fcde3b18eb684" S = "${WORKDIR}/openssl-${PV}" |