[kirkstone] openssl: Upgrade 3.0.9 -> 3.0.10

Message ID	20230807081823.47348-1-ppjadhav456@gmail.com
State	Accepted, archived
Commit	94ce10791ce10aa30d3a3bdef53f9b2f3c1b331a
Headers	show Return-Path: <ppjadhav456@gmail.com> ip: 209.85.214.175, mailfrom: ppjadhav456@gmail.com) From: Poonam Jadhav <ppjadhav456@gmail.com> To: openembedded-core@lists.openembedded.org, poonam.jadhav@kpit.com Cc: ranjitsinh.rathod@kpit.com Subject: [OE-core][kirkstone][PATCH] openssl: Upgrade 3.0.9 -> 3.0.10 Date: Mon, 7 Aug 2023 13:48:23 +0530 Message-Id: <20230807081823.47348-1-ppjadhav456@gmail.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	[kirkstone] openssl: Upgrade 3.0.9 -> 3.0.10 \| expand [kirkstone] openssl: Upgrade 3.0.9 -> 3.0.10

Message ID

20230807081823.47348-1-ppjadhav456@gmail.com

State

Accepted, archived

Commit

94ce10791ce10aa30d3a3bdef53f9b2f3c1b331a

Headers

From: Poonam Jadhav <ppjadhav456@gmail.com>
To: openembedded-core@lists.openembedded.org,
	poonam.jadhav@kpit.com
Cc: ranjitsinh.rathod@kpit.com
Subject: [OE-core][kirkstone][PATCH] openssl: Upgrade 3.0.9 -> 3.0.10
Date: Mon,  7 Aug 2023 13:48:23 +0530
Message-Id: <20230807081823.47348-1-ppjadhav456@gmail.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Series

[kirkstone] openssl: Upgrade 3.0.9 -> 3.0.10 | expand

Commit Message

Poonam Jadhav Aug. 7, 2023, 8:18 a.m. UTC

From: Poonam Jadhav <poonam.jadhav@kpit.com>

Fix CVEs CVE-2023-3817, CVE-2023-3446 and CVE-2023-2975 for openssl

Major changes between OpenSSL 3.0.9 and OpenSSL 3.0.10 [1 Aug 2023]
Link: https://www.openssl.org/news/openssl-3.0-notes.html

* Fix excessive time spent checking DH q parameter value ([CVE-2023-3817])
* Fix DH_check() excessive time with over sized modulus ([CVE-2023-3446])
* Do not ignore empty associated data entries with AES-SIV ([CVE-2023-2975])

Signed-off-by: Poonam Jadhav <poonam.jadhav@kpit.com>
---
 .../openssl/{openssl_3.0.9.bb => openssl_3.0.10.bb}             | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta/recipes-connectivity/openssl/{openssl_3.0.9.bb => openssl_3.0.10.bb} (99%)

Comments

Peter Marko Aug. 7, 2023, 8:22 a.m. UTC | #1

This is already in kirkstone nut
* https://lists.openembedded.org/g/openembedded-core/message/185255
* https://git.openembedded.org/openembedded-core-contrib/commit/?h=stable/kirkstone-nut&id=94ce10791ce10aa30d3a3bdef53f9b2f3c1b331a

Peter

-----Original Message-----
From: openembedded-core@lists.openembedded.org <openembedded-core@lists.openembedded.org> On Behalf Of Poonam Jadhav via lists.openembedded.org
Sent: Monday, August 7, 2023 10:18
To: openembedded-core@lists.openembedded.org; poonam.jadhav@kpit.com
Cc: ranjitsinh.rathod@kpit.com
Subject: [OE-core][kirkstone][PATCH] openssl: Upgrade 3.0.9 -> 3.0.10

diff --git a/meta/recipes-connectivity/openssl/openssl_3.0.9.bb b/meta/recipes-connectivity/openssl/openssl_3.0.10.bb
similarity index 99%
rename from meta/recipes-connectivity/openssl/openssl_3.0.9.bb
rename to meta/recipes-connectivity/openssl/openssl_3.0.10.bb
index 9738d36902..c770f1c712 100644
--- a/meta/recipes-connectivity/openssl/openssl_3.0.9.bb
+++ b/meta/recipes-connectivity/openssl/openssl_3.0.10.bb
@@ -18,7 +18,7 @@  SRC_URI:append:class-nativesdk = " \
            file://environment.d-openssl.sh \
            "
 
-SRC_URI[sha256sum] = "eb1ab04781474360f77c318ab89d8c5a03abc38e63d65a603cabbf1b00a1dc90"
+SRC_URI[sha256sum] = "1761d4f5b13a1028b9b6f3d4b8e17feb0cedc9370f6afe61d7193d2cdce83323"
 
 inherit lib_package multilib_header multilib_script ptest perlnative
 MULTILIB_SCRIPTS = "${PN}-bin:${bindir}/c_rehash"

[kirkstone] openssl: Upgrade 3.0.9 -> 3.0.10

Commit Message

Comments

Patch