1 files changed, 0 insertions, 40 deletions
diff --git a/meta/recipes-connectivity/openssl/openssl/openssl-1.0.1e-cve-2014-0195.patch b/meta/recipes-connectivity/openssl/openssl/openssl-1.0.1e-cve-2014-0195.patch
deleted file mode 100644
index 0c43919427..0000000000
--- a/meta/recipes-connectivity/openssl/openssl/openssl-1.0.1e-cve-2014-0195.patch
+++ /dev/null
@@ -1,40 +0,0 @@
-commit 208d54db20d58c9a5e45e856a0650caadd7d9612
-Author: Dr. Stephen Henson <steve@openssl.org>
-Date:   Tue May 13 18:48:31 2014 +0100
-    Fix for CVE-2014-0195
-    
-    A buffer overrun attack can be triggered by sending invalid DTLS fragments
-    to an OpenSSL DTLS client or server. This is potentially exploitable to
-    run arbitrary code on a vulnerable client or server.
-    
-    Fixed by adding consistency check for DTLS fragments.
-    
-    Thanks to Jüri Aedla for reporting this issue.
-Patch borrowed from Fedora
-Upstream-Status: Backport
-Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
-diff --git a/ssl/d1_both.c b/ssl/d1_both.c
-index 2e8cf68..07f67f8 100644
--- a/ssl/d1_both.c
-+++ b/ssl/d1_both.c
-@@ -627,7 +627,16 @@ dtls1_reassemble_fragment(SSL *s, struct hm_header_st* msg_hdr, int *ok)
-                frag->msg_header.frag_off = 0;
-                }
-        else
-+               {
-                frag = (hm_fragment*) item->data;
-+               if (frag->msg_header.msg_len != msg_hdr->msg_len)
-+                       {
-+                       item = NULL;
-+                       frag = NULL;
-+                       goto err;
-+                       }
-+               }
-+
- 
-        /* If message is already reassembled, this must be a
-         * retransmit and can be dropped.

diff --git a/meta/recipes-connectivity/openssl/openssl/openssl-1.0.1e-cve-2014-0195.patch b/meta/recipes-connectivity/openssl/openssl/openssl-1.0.1e-cve-2014-0195.patch deleted file mode 100644 index 0c43919427..0000000000 --- a/meta/recipes-connectivity/openssl/openssl/openssl-1.0.1e-cve-2014-0195.patch +++ /dev/null
@@ -1,40 +0,0 @@
1	commit 208d54db20d58c9a5e45e856a0650caadd7d9612
2	Author: Dr. Stephen Henson <steve@openssl.org>
3	Date: Tue May 13 18:48:31 2014 +0100
4
5	Fix for CVE-2014-0195
6
7	A buffer overrun attack can be triggered by sending invalid DTLS fragments
8	to an OpenSSL DTLS client or server. This is potentially exploitable to
9	run arbitrary code on a vulnerable client or server.
10
11	Fixed by adding consistency check for DTLS fragments.
12
13	Thanks to Jüri Aedla for reporting this issue.
14
15	Patch borrowed from Fedora
16	Upstream-Status: Backport
17	Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com>
18
19	diff --git a/ssl/d1_both.c b/ssl/d1_both.c
20	index 2e8cf68..07f67f8 100644
21	--- a/ssl/d1_both.c
22	+++ b/ssl/d1_both.c
23	@@ -627,7 +627,16 @@ dtls1_reassemble_fragment(SSL s, struct hm_header_st msg_hdr, int *ok)
24	frag->msg_header.frag_off = 0;
25	}
26	else
27	+ {
28	frag = (hm_fragment*) item->data;
29	+ if (frag->msg_header.msg_len != msg_hdr->msg_len)
30	+ {
31	+ item = NULL;
32	+ frag = NULL;
33	+ goto err;
34	+ }
35	+ }
36	+
37
38	/* If message is already reassembled, this must be a
39	* retransmit and can be dropped.
40