Security Advisory - openssl - CVE-2013-6450

The DTLS retransmission implementation in OpenSSL through 0.9.8y and 1.x through 1.0.1e does not properly maintain data structures for digest and encryption contexts, which might allow man-in-the-middle attackers to trigger the use of a different context by interfering with packet delivery, related to ssl/d1_both.c and ssl/t1_enc.c. (From OE-Core rev: 94352e694cd828aa84abd846149712535f48ab0f) Signed-off-by: Yue Tao <Yue.Tao@windriver.com> Signed-off-by: Jackie Huang <jackie.huang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Yue Tao <Yue.Tao@windriver.com> 2014-03-26 17:08:44 +0800
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2014-03-27 09:42:04 +0000
commit: 61fd2e4a2b0ab21eabbc1da13a221bf18ac5f0cf (patch)
tree: 85d956f95fa34adaf7f80fdfcd5281e4f946f8a4 /meta/recipes-connectivity/openssl/openssl_1.0.1e.bb
parent: 34117165da3924fccd8b8232633dd0f5be954848 (diff)
download: poky-61fd2e4a2b0ab21eabbc1da13a221bf18ac5f0cf.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/openssl/openssl_1.0.1e.bb b/meta/recipes-connectivity/openssl/openssl_1.0.1e.bb
index 3e92234031..4b9fd369de 100644
--- a/meta/recipes-connectivity/openssl/openssl_1.0.1e.bb
+++ b/meta/recipes-connectivity/openssl/openssl_1.0.1e.bb
@@ -36,6 +36,7 @@ SRC_URI += "file://configure-targets.patch \
            file://initial-aarch64-bits.patch \
            file://find.pl \
            file://0001-Fix-for-TLS-record-tampering-bug-CVE-2013-4353.patch \
+            file://0001-Fix-DTLS-retransmission-from-previous-session.patch \
           "
 SRC_URI[md5sum] = "66bf6f10f060d561929de96f9dfe5b8c"
author	Yue Tao <Yue.Tao@windriver.com>	2014-03-26 17:08:44 +0800
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2014-03-27 09:42:04 +0000
commit	61fd2e4a2b0ab21eabbc1da13a221bf18ac5f0cf (patch)
tree	85d956f95fa34adaf7f80fdfcd5281e4f946f8a4 /meta/recipes-connectivity/openssl/openssl_1.0.1e.bb
parent	34117165da3924fccd8b8232633dd0f5be954848 (diff)
download	poky-61fd2e4a2b0ab21eabbc1da13a221bf18ac5f0cf.tar.gz

diff --git a/meta/recipes-connectivity/openssl/openssl_1.0.1e.bb b/meta/recipes-connectivity/openssl/openssl_1.0.1e.bb index 3e92234031..4b9fd369de 100644 --- a/meta/recipes-connectivity/openssl/openssl_1.0.1e.bb +++ b/meta/recipes-connectivity/openssl/openssl_1.0.1e.bb
@@ -36,6 +36,7 @@ SRC_URI += "file://configure-targets.patch \
36	file://initial-aarch64-bits.patch \	36	file://initial-aarch64-bits.patch \
37	file://find.pl \	37	file://find.pl \
38	file://0001-Fix-for-TLS-record-tampering-bug-CVE-2013-4353.patch \	38	file://0001-Fix-for-TLS-record-tampering-bug-CVE-2013-4353.patch \
		39	file://0001-Fix-DTLS-retransmission-from-previous-session.patch \
39	"	40	"
40		41
41	SRC_URI[md5sum] = "66bf6f10f060d561929de96f9dfe5b8c"	42	SRC_URI[md5sum] = "66bf6f10f060d561929de96f9dfe5b8c"