summaryrefslogtreecommitdiffstats
path: root/meta/recipes-connectivity
diff options
context:
space:
mode:
authorIlya Yanok <yanok@emcraft.com>2011-01-18 01:36:17 +0300
committerRichard Purdie <richard.purdie@linuxfoundation.org>2011-01-20 21:36:59 +0000
commit81f1457d7e5092ced648993f3507fdee0165580f (patch)
tree9a6eaee771ea4bc35a431d05d7e30f032c72cc89 /meta/recipes-connectivity
parent05cb09b2ff8134ad66c19373a1f229f774314a15 (diff)
downloadpoky-81f1457d7e5092ced648993f3507fdee0165580f.tar.gz
openssl: drop the valgrind patch that introduce a security hole
debian/valgrind.patch is the 'famous' Debian OpenSSL patch responsible for everyone using Debian and derivatives changing their keys. All keys generated with the patched OpenSSL are compromised so at very least we have to drop this patch for good. Signed-off-by: Ilya Yanok <yanok@emcraft.com> Signed-off-by: Saul Wold <sgw@linux.intel.com>
Diffstat (limited to 'meta/recipes-connectivity')
-rw-r--r--meta/recipes-connectivity/openssl/openssl-0.9.8p/debian/valgrind.patch15
-rw-r--r--meta/recipes-connectivity/openssl/openssl_0.9.8p.bb1
2 files changed, 0 insertions, 16 deletions
diff --git a/meta/recipes-connectivity/openssl/openssl-0.9.8p/debian/valgrind.patch b/meta/recipes-connectivity/openssl/openssl-0.9.8p/debian/valgrind.patch
deleted file mode 100644
index e9f86eabbf..0000000000
--- a/meta/recipes-connectivity/openssl/openssl-0.9.8p/debian/valgrind.patch
+++ /dev/null
@@ -1,15 +0,0 @@
1Index: openssl-0.9.8k/crypto/rand/md_rand.c
2===================================================================
3--- openssl-0.9.8k.orig/crypto/rand/md_rand.c 2008-09-16 13:50:05.000000000 +0200
4+++ openssl-0.9.8k/crypto/rand/md_rand.c 2009-07-19 11:36:05.000000000 +0200
5@@ -477,8 +477,10 @@
6 MD_Update(&m,local_md,MD_DIGEST_LENGTH);
7 MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c));
8 #ifndef PURIFY
9+#if 0 /* Don't add uninitialised data. */
10 MD_Update(&m,buf,j); /* purify complains */
11 #endif
12+#endif
13 k=(st_idx+MD_DIGEST_LENGTH/2)-st_num;
14 if (k > 0)
15 {
diff --git a/meta/recipes-connectivity/openssl/openssl_0.9.8p.bb b/meta/recipes-connectivity/openssl/openssl_0.9.8p.bb
index 3ae6bf456e..283b82add0 100644
--- a/meta/recipes-connectivity/openssl/openssl_0.9.8p.bb
+++ b/meta/recipes-connectivity/openssl/openssl_0.9.8p.bb
@@ -13,7 +13,6 @@ SRC_URI += "file://debian/ca.patch \
13 file://debian/no-symbolic.patch \ 13 file://debian/no-symbolic.patch \
14 file://debian/pic.patch \ 14 file://debian/pic.patch \
15 file://debian/pkg-config.patch \ 15 file://debian/pkg-config.patch \
16 file://debian/valgrind.patch \
17 file://debian/rc4-amd64.patch \ 16 file://debian/rc4-amd64.patch \
18 file://debian/rehash-crt.patch \ 17 file://debian/rehash-crt.patch \
19 file://debian/rehash_pod.patch \ 18 file://debian/rehash_pod.patch \