From patchwork Tue Mar 20 18:10:59 2012 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: [0/1] openssl security upgrade Date: Tue, 20 Mar 2012 18:10:59 -0000 From: Scott Garman X-Patchwork-Id: 23915 Message-Id: To: openembedded-core@lists.openembedded.org Hello, This upgrade to the openssl recipe addresses a security vulnerability, CVE-2012-0884. I would like to ensure it gets included in our upcoming 1.2 release. This upgrade has been build-tested on all 5 of our qemu architectures, and I have inspected the image and package output to ensure there were no significant differences between the output of this recipe upgrade and the last version of openssl we were using. Scott The following changes since commit 5d404fdb36b0535ce758d98408b02134cdbce4ee: xserver-kdrive: compile xserver without dtrace support (2012-03-20 15:21:18 +0000) are available in the git repository at: git://git.pokylinux.org/poky-contrib sgarman/openssl-upgrade-oe http://git.pokylinux.org/cgit.cgi/poky-contrib/log/?h=sgarman/openssl-upgrade-oe Scott Garman (1): openssl: upgrade to 1.0.0.h .../openssl/openssl-1.0.0g/debian/pkg-config.patch | 36 -------------------- .../configure-targets.patch | 0 .../debian/c_rehash-compat.patch | 0 .../debian/ca.patch | 0 .../debian/debian-targets.patch | 0 .../debian/make-targets.patch | 0 .../debian/man-dir.patch | 0 .../debian/man-section.patch | 0 .../debian/no-rpath.patch | 0 .../debian/no-symbolic.patch | 0 .../debian/pic.patch | 0 .../debian/version-script.patch | 0 .../engines-install-in-libdir-ssl.patch | 0 .../oe-ldflags.patch | 0 .../openssl-fix-link.patch | 0 .../openssl_fix_for_x32.patch | 0 .../shared-libs.patch | 0 .../{openssl_1.0.0g.bb => openssl_1.0.0h.bb} | 5 +-- 18 files changed, 2 insertions(+), 39 deletions(-) delete mode 100644 meta/recipes-connectivity/openssl/openssl-1.0.0g/debian/pkg-config.patch rename meta/recipes-connectivity/openssl/{openssl-1.0.0g => openssl-1.0.0h}/configure-targets.patch (100%) rename meta/recipes-connectivity/openssl/{openssl-1.0.0g => openssl-1.0.0h}/debian/c_rehash-compat.patch (100%) rename meta/recipes-connectivity/openssl/{openssl-1.0.0g => openssl-1.0.0h}/debian/ca.patch (100%) rename meta/recipes-connectivity/openssl/{openssl-1.0.0g => openssl-1.0.0h}/debian/debian-targets.patch (100%) rename meta/recipes-connectivity/openssl/{openssl-1.0.0g => openssl-1.0.0h}/debian/make-targets.patch (100%) rename meta/recipes-connectivity/openssl/{openssl-1.0.0g => openssl-1.0.0h}/debian/man-dir.patch (100%) rename meta/recipes-connectivity/openssl/{openssl-1.0.0g => openssl-1.0.0h}/debian/man-section.patch (100%) rename meta/recipes-connectivity/openssl/{openssl-1.0.0g => openssl-1.0.0h}/debian/no-rpath.patch (100%) rename meta/recipes-connectivity/openssl/{openssl-1.0.0g => openssl-1.0.0h}/debian/no-symbolic.patch (100%) rename meta/recipes-connectivity/openssl/{openssl-1.0.0g => openssl-1.0.0h}/debian/pic.patch (100%) rename meta/recipes-connectivity/openssl/{openssl-1.0.0g => openssl-1.0.0h}/debian/version-script.patch (100%) rename meta/recipes-connectivity/openssl/{openssl-1.0.0g => openssl-1.0.0h}/engines-install-in-libdir-ssl.patch (100%) rename meta/recipes-connectivity/openssl/{openssl-1.0.0g => openssl-1.0.0h}/oe-ldflags.patch (100%) rename meta/recipes-connectivity/openssl/{openssl-1.0.0g => openssl-1.0.0h}/openssl-fix-link.patch (100%) rename meta/recipes-connectivity/openssl/{openssl-1.0.0g => openssl-1.0.0h}/openssl_fix_for_x32.patch (100%) rename meta/recipes-connectivity/openssl/{openssl-1.0.0g => openssl-1.0.0h}/shared-libs.patch (100%) rename meta/recipes-connectivity/openssl/{openssl_1.0.0g.bb => openssl_1.0.0h.bb} (87%)