| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
CVE: CVE-2018-0732 CVE-2018-0737 CVE-2018-0739
OpenSSL in the upstream pyro is 1.0.2n.
CVE-2018-0732 and CVE-2018-0737 are first fixed in openssl 1.0.2p.
CVE-2018-0739 is fixed in openssl 1.0.2o.
Reference:
CVE-2018-0732 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff_plain;h=3984ef0b72831da8b3ece4745cac4f8575b19098
CVE-2018-0737 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff_plain;h=6939eab03a6e23d2bd2c3f5e34fe1d48e542e787
CVE-2018-0739 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff_plain;h=9310d45087ae546e27e61ddf8f6367f29848220d
Change-Id: I46f80ef643e5f1c6857cc26086292cd393d3e748
Signed-off-by: Andreas Wellving <andreas.wellving@enea.com>
Signed-off-by: Adrian Mangeac <adrian.mangeac@enea.com>
|
|
|
|
|
|
|
|
| |
OpenSSL in the upstream pyro has been updated to 1.0.2n.
CVE-2017-3737 and CVE-2017-3735 are already fixed in openssl 1.0.2n.
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Martin Borg <martin.borg@enea.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Read/write after SSL object in error state
References:
https://www.openssl.org/news/secadv/20171207.txt
https://nvd.nist.gov/vuln/detail/CVE-2017-3737
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
|
|
|
|
|
|
|
|
|
|
| |
openssl: Malformed X.509 IPAdressFamily could cause OOB read
References:
https://www.openssl.org/news/secadv/20170828.txt
https://nvd.nist.gov/vuln/detail/CVE-2017-3735
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
|
|
|
|
|
|
|
| |
This reverts commit 0c287b4f7a8356e34f683b3112068afa698fe69e.
Moving this to meta-enea-bsp-ppc as it is a PPC specific patch.
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
|
This is backported from poky/meta repository. Needed only
by FSL's openssl version (found in meta-fsl-ppc layer).
Original commit: 8132507f0397877c4d528414c6d34ca61674b6dd
on meta-fsl-ppc/dizzy-enea.
Signed-off-by: Stefan Sicleru <stefan.sicleru@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|