diff options
author | Stefan Agner <stefan.agner@toradex.com> | 2017-11-18 09:53:54 +0100 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2017-12-02 11:25:32 +0000 |
commit | 0d1964a78e2bcfc195a1f81edb548cc4a6514af9 (patch) | |
tree | 7e24a367da077276f4245f48b6baaa3c3bab64b2 /meta/recipes-connectivity/openssl/openssl-1.0.2m/debian/ca.patch | |
parent | 4af421a469c4dc1d3c78b58474ce75441e8bc65b (diff) | |
download | poky-0d1964a78e2bcfc195a1f81edb548cc4a6514af9.tar.gz |
openssl10: Upgrade 1.0.2l -> 1.0.2m
Deals with two CVEs:
* bn_sqrx8x_internal carry bug on x86_64 (CVE-2017-3736)
* Malformed X.509 IPAddressFamily could cause OOB read (CVE-2017-3735)
(From OE-Core rev: a200115c769eff4b9b0241d54ed5ad86da08fdbc)
Signed-off-by: Stefan Agner <stefan.agner@toradex.com>
Acked-by: Otavio Salvador <otavio@ossystems.com.br>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-connectivity/openssl/openssl-1.0.2m/debian/ca.patch')
-rw-r--r-- | meta/recipes-connectivity/openssl/openssl-1.0.2m/debian/ca.patch | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/openssl/openssl-1.0.2m/debian/ca.patch b/meta/recipes-connectivity/openssl/openssl-1.0.2m/debian/ca.patch new file mode 100644 index 0000000000..fb745e4394 --- /dev/null +++ b/meta/recipes-connectivity/openssl/openssl-1.0.2m/debian/ca.patch | |||
@@ -0,0 +1,22 @@ | |||
1 | Upstream-Status: Backport [debian] | ||
2 | |||
3 | Index: openssl-0.9.8m/apps/CA.pl.in | ||
4 | =================================================================== | ||
5 | --- openssl-0.9.8m.orig/apps/CA.pl.in 2006-04-28 00:28:51.000000000 +0000 | ||
6 | +++ openssl-0.9.8m/apps/CA.pl.in 2010-02-27 00:36:51.000000000 +0000 | ||
7 | @@ -65,6 +65,7 @@ | ||
8 | foreach (@ARGV) { | ||
9 | if ( /^(-\?|-h|-help)$/ ) { | ||
10 | print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-signcert|-verify\n"; | ||
11 | + print STDERR "usage: CA -signcert certfile keyfile|-newcert|-newreq|-newca|-sign|-verify\n"; | ||
12 | exit 0; | ||
13 | } elsif (/^-newcert$/) { | ||
14 | # create a certificate | ||
15 | @@ -165,6 +166,7 @@ | ||
16 | } else { | ||
17 | print STDERR "Unknown arg $_\n"; | ||
18 | print STDERR "usage: CA -newcert|-newreq|-newreq-nodes|-newca|-sign|-verify\n"; | ||
19 | + print STDERR "usage: CA -signcert certfile keyfile|-newcert|-newreq|-newca|-sign|-verify\n"; | ||
20 | exit 1; | ||
21 | } | ||
22 | } | ||