summaryrefslogtreecommitdiffstats
path: root/meta/recipes-connectivity/openssl/openssl/openssl-1.0.1e-cve-2014-0221.patch
Commit message (Collapse)AuthorAgeFilesLines
* openssl: Upgrade to 1.0.1jSaul Wold2014-10-231-38/+0
| | | | | | | | | This address the latest set of CVE issues (From OE-Core rev: 461e598815f8749bb26e97369e3b877f7ce749cf) Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: fix CVE-2014-0221Paul Eggleton2014-06-101-0/+38
http://www.openssl.org/news/secadv_20140605.txt DTLS recursion flaw (CVE-2014-0221) By sending an invalid DTLS handshake to an OpenSSL DTLS client the code can be made to recurse eventually crashing in a DoS attack. Only applications using OpenSSL as a DTLS client are affected. (Patch borrowed from Fedora.) (From OE-Core rev: 833920fadd58fe353d27f94f340e3a9f6923afb8) Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-06-08 00:10:11 +0000