diff options
author | Sona Sarmadi <sona.sarmadi@enea.com> | 2016-05-09 13:29:01 +0200 |
---|---|---|
committer | Tudor Florea <tudor.florea@enea.com> | 2016-05-10 10:26:16 +0200 |
commit | 94e9e6a21b26c8bd0b194d4c2a65cbcb9464a553 (patch) | |
tree | 9d5cf6f89dadcdf9365e632962b393c9fb35c828 /meta/recipes-connectivity/openssl/openssl/debian/version-script.patch | |
parent | 9c5b66788d746491a471bed3c7c7333862f95ea7 (diff) | |
download | poky-94e9e6a21b26c8bd0b194d4c2a65cbcb9464a553.tar.gz |
OpenSSL: Upgrade to 1.0.1t to fix multiple CVEsdizzy-enea
Upgrade 1.0.1p --> 1.0.1t addresses following vulnerabilities:
CVE-2016-2107
CVE-2016-2108
CVE-2016-2105
CVE-2016-2106
CVE-2016-2109
CVE-2016-2176
Reference:
URL for the OpenSSL Security Advisory:
https://www.openssl.org/news/secadv/20160503.txt
Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
Signed-off-by: Tudor Florea <tudor.florea@enea.com>
Diffstat (limited to 'meta/recipes-connectivity/openssl/openssl/debian/version-script.patch')
-rw-r--r-- | meta/recipes-connectivity/openssl/openssl/debian/version-script.patch | 80 |
1 files changed, 40 insertions, 40 deletions
diff --git a/meta/recipes-connectivity/openssl/openssl/debian/version-script.patch b/meta/recipes-connectivity/openssl/openssl/debian/version-script.patch index ece8b9b46c..ac78adb802 100644 --- a/meta/recipes-connectivity/openssl/openssl/debian/version-script.patch +++ b/meta/recipes-connectivity/openssl/openssl/debian/version-script.patch | |||
@@ -1,10 +1,11 @@ | |||
1 | Upstream-Status: Backport [debian] | 1 | Upstream-Status: Backport [debian] |
2 | 2 | ||
3 | Index: openssl-1.0.1d/Configure | 3 | Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> |
4 | =================================================================== | 4 | --- |
5 | --- openssl-1.0.1d.orig/Configure 2013-02-06 19:41:43.000000000 +0100 | 5 | diff -ruN a/Configure b/Configure |
6 | +++ openssl-1.0.1d/Configure 2013-02-06 19:41:43.000000000 +0100 | 6 | --- a/Configure 2016-05-09 12:05:53.135685172 +0200 |
7 | @@ -1621,6 +1621,8 @@ | 7 | +++ b/Configure 2016-05-09 12:07:43.962952937 +0200 |
8 | @@ -1667,6 +1667,8 @@ | ||
8 | } | 9 | } |
9 | } | 10 | } |
10 | 11 | ||
@@ -13,11 +14,38 @@ Index: openssl-1.0.1d/Configure | |||
13 | open(IN,'<Makefile.org') || die "unable to read Makefile.org:$!\n"; | 14 | open(IN,'<Makefile.org') || die "unable to read Makefile.org:$!\n"; |
14 | unlink("$Makefile.new") || die "unable to remove old $Makefile.new:$!\n" if -e "$Makefile.new"; | 15 | unlink("$Makefile.new") || die "unable to remove old $Makefile.new:$!\n" if -e "$Makefile.new"; |
15 | open(OUT,">$Makefile.new") || die "unable to create $Makefile.new:$!\n"; | 16 | open(OUT,">$Makefile.new") || die "unable to create $Makefile.new:$!\n"; |
16 | Index: openssl-1.0.1d/openssl.ld | 17 | diff -ruN a/engines/ccgost/openssl.ld b/engines/ccgost/openssl.ld |
17 | =================================================================== | 18 | --- a/engines/ccgost/openssl.ld 1970-01-01 01:00:00.000000000 +0100 |
18 | --- /dev/null 1970-01-01 00:00:00.000000000 +0000 | 19 | +++ b/engines/ccgost/openssl.ld 2016-05-09 12:07:44.034949863 +0200 |
19 | +++ openssl-1.0.1d/openssl.ld 2013-02-06 19:44:25.000000000 +0100 | 20 | @@ -0,0 +1,10 @@ |
20 | @@ -0,0 +1,4620 @@ | 21 | +OPENSSL_1.0.0 { |
22 | + global: | ||
23 | + bind_engine; | ||
24 | + v_check; | ||
25 | + OPENSSL_init; | ||
26 | + OPENSSL_finish; | ||
27 | + local: | ||
28 | + *; | ||
29 | +}; | ||
30 | + | ||
31 | diff -ruN a/engines/openssl.ld b/engines/openssl.ld | ||
32 | --- a/engines/openssl.ld 1970-01-01 01:00:00.000000000 +0100 | ||
33 | +++ b/engines/openssl.ld 2016-05-09 12:07:43.990951742 +0200 | ||
34 | @@ -0,0 +1,10 @@ | ||
35 | +OPENSSL_1.0.0 { | ||
36 | + global: | ||
37 | + bind_engine; | ||
38 | + v_check; | ||
39 | + OPENSSL_init; | ||
40 | + OPENSSL_finish; | ||
41 | + local: | ||
42 | + *; | ||
43 | +}; | ||
44 | + | ||
45 | diff -ruN a/openssl.ld b/openssl.ld | ||
46 | --- a/openssl.ld 1970-01-01 01:00:00.000000000 +0100 | ||
47 | +++ b/openssl.ld 2016-05-09 12:34:19.174771028 +0200 | ||
48 | @@ -0,0 +1,4622 @@ | ||
21 | +OPENSSL_1.0.0 { | 49 | +OPENSSL_1.0.0 { |
22 | + global: | 50 | + global: |
23 | + BIO_f_ssl; | 51 | + BIO_f_ssl; |
@@ -4526,6 +4554,8 @@ Index: openssl-1.0.1d/openssl.ld | |||
4526 | + SSL_SESSION_get_compress_id; | 4554 | + SSL_SESSION_get_compress_id; |
4527 | + | 4555 | + |
4528 | + SRP_VBASE_get_by_user; | 4556 | + SRP_VBASE_get_by_user; |
4557 | + SRP_VBASE_get1_by_user; | ||
4558 | + SRP_user_pwd_free; | ||
4529 | + SRP_Calc_server_key; | 4559 | + SRP_Calc_server_key; |
4530 | + SRP_create_verifier; | 4560 | + SRP_create_verifier; |
4531 | + SRP_create_verifier_BN; | 4561 | + SRP_create_verifier_BN; |
@@ -4638,33 +4668,3 @@ Index: openssl-1.0.1d/openssl.ld | |||
4638 | + CRYPTO_memcmp; | 4668 | + CRYPTO_memcmp; |
4639 | +} OPENSSL_1.0.1; | 4669 | +} OPENSSL_1.0.1; |
4640 | + | 4670 | + |
4641 | Index: openssl-1.0.1d/engines/openssl.ld | ||
4642 | =================================================================== | ||
4643 | --- /dev/null 1970-01-01 00:00:00.000000000 +0000 | ||
4644 | +++ openssl-1.0.1d/engines/openssl.ld 2013-02-06 19:41:43.000000000 +0100 | ||
4645 | @@ -0,0 +1,10 @@ | ||
4646 | +OPENSSL_1.0.0 { | ||
4647 | + global: | ||
4648 | + bind_engine; | ||
4649 | + v_check; | ||
4650 | + OPENSSL_init; | ||
4651 | + OPENSSL_finish; | ||
4652 | + local: | ||
4653 | + *; | ||
4654 | +}; | ||
4655 | + | ||
4656 | Index: openssl-1.0.1d/engines/ccgost/openssl.ld | ||
4657 | =================================================================== | ||
4658 | --- /dev/null 1970-01-01 00:00:00.000000000 +0000 | ||
4659 | +++ openssl-1.0.1d/engines/ccgost/openssl.ld 2013-02-06 19:41:43.000000000 +0100 | ||
4660 | @@ -0,0 +1,10 @@ | ||
4661 | +OPENSSL_1.0.0 { | ||
4662 | + global: | ||
4663 | + bind_engine; | ||
4664 | + v_check; | ||
4665 | + OPENSSL_init; | ||
4666 | + OPENSSL_finish; | ||
4667 | + local: | ||
4668 | + *; | ||
4669 | +}; | ||
4670 | + | ||