Patchwork [daisy,0/5] OpenSSL CVE fixes for the daisy branch

login
register
mail settings
Submitter Paul Eggleton
Date June 9, 2014, 3:51 p.m.
Message ID <cover.1402328991.git.paul.eggleton@linux.intel.com>
Download mbox
Permalink /patch/73515/
State Accepted, archived
Headers show

Pull-request

git://git.openembedded.org/openembedded-core-contrib paule/openssl-daisy

Comments

Paul Eggleton - June 9, 2014, 3:51 p.m.
NOTE: These patches needs to be applied *after* the OpenSSL
CVE-2010-5298 patch fix in Saul's pending daisy series (which is in
the branch for this pull request or it would not work otherwise.)


The following changes since commit:

  openssl: add openssl-CVE-2010-5298.patch SRC_URI (2014-06-09 14:11:54 +0100)

are available in the git repository at:

  git://git.openembedded.org/openembedded-core-contrib paule/openssl-daisy
  http://cgit.openembedded.org/cgit.cgi/openembedded-core-contrib/log/?h=paule/openssl-daisy

Paul Eggleton (5):
  openssl: fix CVE-2014-0195
  openssl: use upstream fix for CVE-2014-0198
  openssl: fix CVE-2014-0221
  openssl: fix CVE-2014-0224
  openssl: fix CVE-2014-3470

 .../openssl/openssl-1.0.1e-cve-2014-0195.patch     |  40 ++++++++
 .../openssl/openssl-1.0.1e-cve-2014-0198.patch     |  38 ++++++++
 .../openssl/openssl-1.0.1e-cve-2014-0221.patch     |  38 ++++++++
 .../openssl/openssl-1.0.1e-cve-2014-0224.patch     | 103 +++++++++++++++++++++
 .../openssl/openssl-1.0.1e-cve-2014-3470.patch     |  31 +++++++
 .../openssl/openssl-CVE-2014-0198-fix.patch        |  23 -----
 .../recipes-connectivity/openssl/openssl_1.0.1g.bb |   6 +-
 7 files changed, 255 insertions(+), 24 deletions(-)
 create mode 100644 meta/recipes-connectivity/openssl/openssl/openssl-1.0.1e-cve-2014-0195.patch
 create mode 100644 meta/recipes-connectivity/openssl/openssl/openssl-1.0.1e-cve-2014-0198.patch
 create mode 100644 meta/recipes-connectivity/openssl/openssl/openssl-1.0.1e-cve-2014-0221.patch
 create mode 100644 meta/recipes-connectivity/openssl/openssl/openssl-1.0.1e-cve-2014-0224.patch
 create mode 100644 meta/recipes-connectivity/openssl/openssl/openssl-1.0.1e-cve-2014-3470.patch
 delete mode 100644 meta/recipes-connectivity/openssl/openssl/openssl-CVE-2014-0198-fix.patch