| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
CVE: CVE-2018-0732 CVE-2018-0737 CVE-2018-0739
OpenSSL in the upstream pyro is 1.0.2n.
CVE-2018-0732 and CVE-2018-0737 are first fixed in openssl 1.0.2p.
CVE-2018-0739 is fixed in openssl 1.0.2o.
Reference:
CVE-2018-0732 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff_plain;h=3984ef0b72831da8b3ece4745cac4f8575b19098
CVE-2018-0737 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff_plain;h=6939eab03a6e23d2bd2c3f5e34fe1d48e542e787
CVE-2018-0739 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff_plain;h=9310d45087ae546e27e61ddf8f6367f29848220d
Change-Id: I46f80ef643e5f1c6857cc26086292cd393d3e748
Signed-off-by: Andreas Wellving <andreas.wellving@enea.com>
Signed-off-by: Adrian Mangeac <adrian.mangeac@enea.com>
|
|
|
|
|
|
|
|
| |
OpenSSL in the upstream pyro has been updated to 1.0.2n.
CVE-2017-3737 and CVE-2017-3735 are already fixed in openssl 1.0.2n.
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Martin Borg <martin.borg@enea.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Read/write after SSL object in error state
References:
https://www.openssl.org/news/secadv/20171207.txt
https://nvd.nist.gov/vuln/detail/CVE-2017-3737
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
|
|
|
|
|
|
|
|
|
|
| |
openssl: Malformed X.509 IPAdressFamily could cause OOB read
References:
https://www.openssl.org/news/secadv/20170828.txt
https://nvd.nist.gov/vuln/detail/CVE-2017-3735
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Incorrect error handling causes assertion failure when using DNS64
with "break-dnssec yes;"
Reference:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-3136
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
|
|
|
|
|
|
|
|
|
| |
Assertion failure when using DNS64 and RPZ Can Lead to Crash
Reference:
https://bugzilla.redhat.com/show_bug.cgi?id=1420193
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes assertion failure while handling an unusually-formed DS record response
Reference:
https://kb.isc.org/article/AA-01441
Upstream patch (CVE-2016-9444.patch):
https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=commit;h=04c7ee66b1eda851737cc7582a2a88193a0b4118
This patch (0001-fix-back-port-issue.patch) is needed to fix undefined reference to `DO_ERROR' in CVE-2016-9444.patch:
https://source.isc.org/cgi-bin/gitweb.cgi?p=bind9.git;a=patch;h=6bed6ea11b1880e0a078bd02c1d31d21f0540583
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Martin Borg <martin.borg@enea.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The original .bbappend was adding a new "connman" file that replaced the
one provided in the original recipe. This meant that any changes in the
original file from poky would be overwritten.
The .bbappend now patches the connman file so that any changes in it
are either included or caught with merge conflict. To achieve this I did
an artifice of copying the connman file in S to be patched by do_patch,
then copied it back in WORKDIR to be installed on target by do_install.
Also renamed the recipe .bbappend to cover all versions of connman and
renamed the files folder.
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
Signed-off-by: Nora Björklund <nora.bjorklund@enea.com>
|
|
|
|
|
|
|
|
| |
This reverts commit 0c287b4f7a8356e34f683b3112068afa698fe69e.
Moving this to meta-enea-bsp-ppc as it is a PPC specific patch.
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
|
|
|
|
|
|
|
|
|
|
| |
This is backported from poky/meta repository. Needed only
by FSL's openssl version (found in meta-fsl-ppc layer).
Original commit: 8132507f0397877c4d528414c6d34ca61674b6dd
on meta-fsl-ppc/dizzy-enea.
Signed-off-by: Stefan Sicleru <stefan.sicleru@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
|
|
|
|
|
|
|
| |
The patch has been backported from master onto dizzy-enea, so it becomes
redundant when switching to master.
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
Signed-off-by: Nora Björklund <nora.bjorklund@enea.com>
|
|
|
|
|
|
|
|
|
|
|
| |
The ptest patch is apparently not relevant anymore. Although the original
commit doesn't specify what the errors were, I ported the patch to
openssh_7.1p2 and ran the ptests with and without the patch. The output
was identical regardless. There were some errors, but unrelated to the
patch changes. So I'm dropping the patch for now.
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
Signed-off-by: Nora Björklund <nora.bjorklund@enea.com>
|
|
|
|
|
| |
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
Signed-off-by: Adrian Calianu <adrian.calianu@enea.com>
|
|
|
|
|
| |
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|
|
result of splitting up meta-enea
Signed-off-by: Adrian Dudau <adrian.dudau@enea.com>
|