diff options
| author | Armin Kuster <akuster@mvista.com> | 2016-02-13 09:34:00 -0800 |
|---|---|---|
| committer | Joshua Lock <joshua.g.lock@intel.com> | 2016-02-29 15:05:16 +0000 |
| commit | 88ba5ea3f3a421ac91d670e450f4b0645a53d733 (patch) | |
| tree | 728b9b0149c161441c736a799418f217e00a074d /meta/recipes-support/libgcrypt/libgcrypt_1.6.2.bb | |
| parent | bed289a9ac39fb9b613e3075d5a062b24c59c956 (diff) | |
| download | openembedded-core-88ba5ea3f3a421ac91d670e450f4b0645a53d733.tar.gz openembedded-core-88ba5ea3f3a421ac91d670e450f4b0645a53d733.tar.bz2 openembedded-core-88ba5ea3f3a421ac91d670e450f4b0645a53d733.zip | |
libgcrypt: Security fix CVE-2015-7511
CVE-2015-7511 libgcrypt: side-channel attack on ECDH with Weierstrass curves
affects libgcrypt < 1.6.5
adjust SRC_URI + for this version.
Patch 1 is a dependancy patch. simple macro name change.
Patch 2 is the cve fix.
(From OE-Core master rev: c691ce99bd2d249d6fdc4ad58300719488fea12c)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
Diffstat (limited to 'meta/recipes-support/libgcrypt/libgcrypt_1.6.2.bb')
| -rw-r--r-- | meta/recipes-support/libgcrypt/libgcrypt_1.6.2.bb | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/meta/recipes-support/libgcrypt/libgcrypt_1.6.2.bb b/meta/recipes-support/libgcrypt/libgcrypt_1.6.2.bb index c49c0e7c17..40b7387b34 100644 --- a/meta/recipes-support/libgcrypt/libgcrypt_1.6.2.bb +++ b/meta/recipes-support/libgcrypt/libgcrypt_1.6.2.bb @@ -1,4 +1,9 @@ require libgcrypt.inc +SRC_URI += "\ + file://CVE-2015-7511_1.patch \ + file://CVE-2015-7511_2.patch \ + " + SRC_URI[md5sum] = "d19adc062edff0ebc7e887212733ef1f" SRC_URI[sha256sum] = "936921644b9c81e2395e18a554a9a5f9252aae3976f8afc3e4229ee9d785e627" |