diff options
author | Cristiana Voicu <cristiana.voicu@intel.com> | 2014-04-08 14:49:48 +0300 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2014-04-08 17:45:09 +0100 |
commit | 5dd1d7566964c90d33c0c44f569d9336fb0724ce (patch) | |
tree | 6c9516db6873f1254723cbeeca204a43d5d410ba /meta/recipes-connectivity/openssl/openssl/engines-install-in-libdir-ssl.patch | |
parent | c0ac09ab49d7a2b9cc7601ceef2852d690cdf3d1 (diff) | |
download | poky-5dd1d7566964c90d33c0c44f569d9336fb0724ce.tar.gz |
openssl: Upgrade to v1.0.1g
The trigger for the upgrade was the serious "heartbleed" vulnerability
(CVE-2014-0160). More information:
http://www.itnews.com.au/News/382068,serious-openssl-bug-renders-websites-wide-open.aspx
Dropped obsolete patches, because the new version contains them:
0001-Fix-for-TLS-record-tampering-bug-CVE-2013-4353.patch
0001-Fix-DTLS-retransmission-from-previous-session.patch
0001-Use-version-in-SSL_METHOD-not-SSL-structure.patch
Modified 2 patches (small changes), in order to apply properly:
initial-aarch64-bits.patch
openssl-fix-doc.patch
Addresses CVEs:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0076
(From OE-Core rev: ff52836e1838590eeec7d7658e15b21d83cf8455)
Signed-off-by: Cristiana Voicu <cristiana.voicu@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-connectivity/openssl/openssl/engines-install-in-libdir-ssl.patch')
-rw-r--r-- | meta/recipes-connectivity/openssl/openssl/engines-install-in-libdir-ssl.patch | 56 |
1 files changed, 56 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/openssl/openssl/engines-install-in-libdir-ssl.patch b/meta/recipes-connectivity/openssl/openssl/engines-install-in-libdir-ssl.patch new file mode 100644 index 0000000000..d8a6f1a23c --- /dev/null +++ b/meta/recipes-connectivity/openssl/openssl/engines-install-in-libdir-ssl.patch | |||
@@ -0,0 +1,56 @@ | |||
1 | Upstream-Status: Inappropriate [configuration] | ||
2 | |||
3 | |||
4 | Index: openssl-1.0.0/engines/Makefile | ||
5 | =================================================================== | ||
6 | --- openssl-1.0.0.orig/engines/Makefile | ||
7 | +++ openssl-1.0.0/engines/Makefile | ||
8 | @@ -107,7 +107,7 @@ | ||
9 | @[ -n "$(INSTALLTOP)" ] # should be set by top Makefile... | ||
10 | @if [ -n "$(SHARED_LIBS)" ]; then \ | ||
11 | set -e; \ | ||
12 | - $(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines; \ | ||
13 | + $(PERL) $(TOP)/util/mkdir-p.pl $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines; \ | ||
14 | for l in $(LIBNAMES); do \ | ||
15 | ( echo installing $$l; \ | ||
16 | pfx=lib; \ | ||
17 | @@ -119,13 +119,13 @@ | ||
18 | *DSO_WIN32*) sfx="eay32.dll"; pfx=;; \ | ||
19 | *) sfx=".bad";; \ | ||
20 | esac; \ | ||
21 | - cp $$pfx$$l$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \ | ||
22 | + cp $$pfx$$l$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$$pfx$$l$$sfx.new; \ | ||
23 | else \ | ||
24 | sfx=".so"; \ | ||
25 | - cp cyg$$l.dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \ | ||
26 | + cp cyg$$l.dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$$pfx$$l$$sfx.new; \ | ||
27 | fi; \ | ||
28 | - chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new; \ | ||
29 | - mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$$pfx$$l$$sfx ); \ | ||
30 | + chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$$pfx$$l$$sfx.new; \ | ||
31 | + mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$$pfx$$l$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$$pfx$$l$$sfx ); \ | ||
32 | done; \ | ||
33 | fi | ||
34 | @target=install; $(RECURSIVE_MAKE) | ||
35 | Index: openssl-1.0.0/engines/ccgost/Makefile | ||
36 | =================================================================== | ||
37 | --- openssl-1.0.0.orig/engines/ccgost/Makefile | ||
38 | +++ openssl-1.0.0/engines/ccgost/Makefile | ||
39 | @@ -53,13 +53,13 @@ | ||
40 | *DSO_WIN32*) sfx="eay32.dll"; pfx=;; \ | ||
41 | *) sfx=".bad";; \ | ||
42 | esac; \ | ||
43 | - cp $${pfx}$(LIBNAME)$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new; \ | ||
44 | + cp $${pfx}$(LIBNAME)$$sfx $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$${pfx}$(LIBNAME)$$sfx.new; \ | ||
45 | else \ | ||
46 | sfx=".so"; \ | ||
47 | - cp cyg$(LIBNAME).dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new; \ | ||
48 | + cp cyg$(LIBNAME).dll $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$${pfx}$(LIBNAME)$$sfx.new; \ | ||
49 | fi; \ | ||
50 | - chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new; \ | ||
51 | - mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/engines/$${pfx}$(LIBNAME)$$sfx; \ | ||
52 | + chmod 555 $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$${pfx}$(LIBNAME)$$sfx.new; \ | ||
53 | + mv -f $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$${pfx}$(LIBNAME)$$sfx.new $(INSTALL_PREFIX)$(INSTALLTOP)/$(LIBDIR)/ssl/engines/$${pfx}$(LIBNAME)$$sfx; \ | ||
54 | fi | ||
55 | |||
56 | links: | ||