diff options
author | Maxin B. John <maxin.john@enea.com> | 2014-05-19 16:13:04 +0100 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2014-05-21 09:32:55 +0100 |
commit | 19745990465b37107142c5464008ca9f7959cc0b (patch) | |
tree | e2b3040ce111e3e6d27f34e9c0bed940f6efa864 /meta/recipes-connectivity/openssl/openssl_1.0.1e.bb | |
parent | 0a6f0dbf9476dcb4a17a210af90e2dd1a43b61aa (diff) | |
download | poky-19745990465b37107142c5464008ca9f7959cc0b.tar.gz |
openssl: fix CVE-2014-0198
A null pointer dereference bug was discovered in do_ssl3_write().
An attacker could possibly use this to cause OpenSSL to crash, resulting
in a denial of service.
https://access.redhat.com/security/cve/CVE-2014-0198
(From OE-Core rev: 4c58fe468790822fe48e0a570779979c831d0f10)
Signed-off-by: Maxin B. John <maxin.john@enea.com>
Signed-off-by: Matt Fleming <matt.fleming@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-connectivity/openssl/openssl_1.0.1e.bb')
-rw-r--r-- | meta/recipes-connectivity/openssl/openssl_1.0.1e.bb | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/meta/recipes-connectivity/openssl/openssl_1.0.1e.bb b/meta/recipes-connectivity/openssl/openssl_1.0.1e.bb index bfdb25e80f..842a903332 100644 --- a/meta/recipes-connectivity/openssl/openssl_1.0.1e.bb +++ b/meta/recipes-connectivity/openssl/openssl_1.0.1e.bb | |||
@@ -6,7 +6,7 @@ DEPENDS += "ocf-linux" | |||
6 | 6 | ||
7 | CFLAG += "-DHAVE_CRYPTODEV -DUSE_CRYPTODEV_DIGESTS" | 7 | CFLAG += "-DHAVE_CRYPTODEV -DUSE_CRYPTODEV_DIGESTS" |
8 | 8 | ||
9 | PR = "${INC_PR}.1" | 9 | PR = "${INC_PR}.2" |
10 | 10 | ||
11 | LIC_FILES_CHKSUM = "file://LICENSE;md5=f9a8f968107345e0b75aa8c2ecaa7ec8" | 11 | LIC_FILES_CHKSUM = "file://LICENSE;md5=f9a8f968107345e0b75aa8c2ecaa7ec8" |
12 | 12 | ||
@@ -38,6 +38,7 @@ SRC_URI += "file://configure-targets.patch \ | |||
38 | file://0001-Fix-DTLS-retransmission-from-previous-session.patch \ | 38 | file://0001-Fix-DTLS-retransmission-from-previous-session.patch \ |
39 | file://0001-Use-version-in-SSL_METHOD-not-SSL-structure.patch \ | 39 | file://0001-Use-version-in-SSL_METHOD-not-SSL-structure.patch \ |
40 | file://CVE-2014-0160.patch \ | 40 | file://CVE-2014-0160.patch \ |
41 | file://openssl-CVE-2014-0198-fix.patch \ | ||
41 | " | 42 | " |
42 | 43 | ||
43 | SRC_URI[md5sum] = "66bf6f10f060d561929de96f9dfe5b8c" | 44 | SRC_URI[md5sum] = "66bf6f10f060d561929de96f9dfe5b8c" |