openssl: Security fix CVE-2016-7055

There is a carry propagating bug in the Broadwell-specific Montgomery multiplication procedure that handles input lengths divisible by, but longer than 256 bits. External References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7055 https://www.openssl.org/news/secadv/20161110.txt Patch from: https://github.com/openssl/openssl/commit/57c4b9f6a2f800b41ce2836986fe33640f6c3f8a (From OE-Core rev: 07cfa9e2bceb07f3baf40681f8c57f4d3da0aee5) Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Yi Zhao <yi.zhao@windriver.com> 2016-11-16 18:07:33 +0800
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2016-11-23 11:10:14 +0000
commit: 25078834f701fca21399a3c64c3a9720ada30858 (patch)
tree: 8001ffdadab10b5fa95a342eb9509c508dab9f16 /meta/recipes-connectivity/openssl/openssl_1.0.2j.bb
parent: f3c9e66e8dbf70ca46fc375616a3a666ccce7cf4 (diff)
download: poky-25078834f701fca21399a3c64c3a9720ada30858.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/openssl/openssl_1.0.2j.bb b/meta/recipes-connectivity/openssl/openssl_1.0.2j.bb
index 257e3cfc4b..f2aca36eca 100644
--- a/meta/recipes-connectivity/openssl/openssl_1.0.2j.bb
+++ b/meta/recipes-connectivity/openssl/openssl_1.0.2j.bb
@@ -40,6 +40,7 @@ SRC_URI += "file://find.pl;subdir=${BP}/util/ \
            file://configure-musl-target.patch \
            file://parallel.patch \
            file://openssl-util-perlpath.pl-cwd.patch \
+            file://CVE-2016-7055.patch \
           "
 SRC_URI[md5sum] = "96322138f0b69e61b7212bc53d5e912b"
 SRC_URI[sha256sum] = "e7aff292be21c259c6af26469c7a9b3ba26e9abaaffd325e3dccc9785256c431"
author	Yi Zhao <yi.zhao@windriver.com>	2016-11-16 18:07:33 +0800
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2016-11-23 11:10:14 +0000
commit	25078834f701fca21399a3c64c3a9720ada30858 (patch)
tree	8001ffdadab10b5fa95a342eb9509c508dab9f16 /meta/recipes-connectivity/openssl/openssl_1.0.2j.bb
parent	f3c9e66e8dbf70ca46fc375616a3a666ccce7cf4 (diff)
download	poky-25078834f701fca21399a3c64c3a9720ada30858.tar.gz

diff --git a/meta/recipes-connectivity/openssl/openssl_1.0.2j.bb b/meta/recipes-connectivity/openssl/openssl_1.0.2j.bb index 257e3cfc4b..f2aca36eca 100644 --- a/meta/recipes-connectivity/openssl/openssl_1.0.2j.bb +++ b/meta/recipes-connectivity/openssl/openssl_1.0.2j.bb
@@ -40,6 +40,7 @@ SRC_URI += "file://find.pl;subdir=${BP}/util/ \
40	file://configure-musl-target.patch \	40	file://configure-musl-target.patch \
41	file://parallel.patch \	41	file://parallel.patch \
42	file://openssl-util-perlpath.pl-cwd.patch \	42	file://openssl-util-perlpath.pl-cwd.patch \
		43	file://CVE-2016-7055.patch \
43	"	44	"
44	SRC_URI[md5sum] = "96322138f0b69e61b7212bc53d5e912b"	45	SRC_URI[md5sum] = "96322138f0b69e61b7212bc53d5e912b"
45	SRC_URI[sha256sum] = "e7aff292be21c259c6af26469c7a9b3ba26e9abaaffd325e3dccc9785256c431"	46	SRC_URI[sha256sum] = "e7aff292be21c259c6af26469c7a9b3ba26e9abaaffd325e3dccc9785256c431"