summaryrefslogtreecommitdiffstats
path: root/meta/recipes-connectivity/openssl/openssl
Commit message (Collapse)AuthorAgeFilesLines
...
* openssl: Security fix Drown via 1.0.2g updateArmin Kuster2016-03-032-8/+4665
| | | | | | | | | | | | | | | | | | | | CVE-2016-0800 CVE-2016-0705 CVE-2016-0798 CVE-2016-0797 CVE-2016-0799 CVE-2016-0702 CVE-2016-0703 CVE-2016-0704 https://www.openssl.org/news/secadv/20160301.txt Updated 2 debian patches to match changes in 1.0.2g (From OE-Core rev: 7933fbbc6372ec8edaec82dd5c7b44fa2d15a4d5) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: Add musl configuration supportKhem Raj2015-12-121-0/+27
| | | | | | | | | | use termios instead of termio (From OE-Core rev: 753b6233e5da66d9e64952b8089589a1beebf8a9) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* meta: Fix typos in Upstream-Status labelsPaul Eggleton2015-11-161-1/+1
| | | | | | | | | | | We need these to be consistent so they are possible to programmatically read. (From OE-Core rev: c64fdfd27103a4962c74c88f4ef7940cda6832eb) Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: fix ptest failuresMaxin B. John2015-10-011-0/+248
| | | | | | | | | | | | | Remove dependencies for test targets. Otherwise, during ptest execution, "make" tries to rebuild those executables and fails there. [YOCTO #8059] (From OE-Core rev: 0efdd2236ec7f16f99847c6c372f372f81c56869) Signed-off-by: Maxin B. John <maxin.john@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: upgrade to 1.0.2dJan Wetter2015-07-101-35/+0
| | | | | | | | | | This upgrade fixes CVE-2015-1793 Removed openssl-fix-link.patch. The linking issue has been fixed in openssl. (From OE-Core rev: 631632addbc81b06b7accfca8f8a9871d6b09111) Signed-off-by: Jan Wetter <jan.wetter@mikrom.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: upgrade to 1.0.2cRoy Li2015-07-012-43/+9
| | | | | | | | | | | upgrade to fix the CVE: CVE-2015-1788..CVE-2015-1792 and CVE-2014-8176 remove a backport patch update the c_rehash-compat.patch (From OE-Core rev: 5a70e45b8c6cb0fa7ea4fe1b326ad604508d00cb) Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: fix building on x32 systemsCristian Iorga2015-06-231-0/+46
| | | | | | | | | | | | | Fix build on Fedora 21 i686. When building on x32 systems where the default type is 32bit, make sure that 64bit integers can be represented transparently. (From OE-Core rev: cd3eddcf2842b9a360f72caf4337ab2968462bb2) Signed-off-by: Cristian Iorga <cristian.iorga@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: Backport upstreamed version of patch to fix build on mips64Khem Raj2015-05-302-53/+30
| | | | | | | | | | Previous patch had a concern as well and this is a direct backport of the patch fixing the problem. (From OE-Core rev: 3d48bb6d2d65d0837dcacc262633a55053652e5f) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: Fix build with gcc5 on mips64Khem Raj2015-05-241-0/+53
| | | | | | | | | Patch is submitted upstream as well (From OE-Core rev: 40016c7c19abdbdae4fcd86fab9672631f26712b) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: drop the padlock_conf.patchRoy Li2015-05-241-31/+0
| | | | | | | | | | | | padlock_conf.patch will enable the padlock engine by default, but this engine does not work on some 32bit machine, and lead to openssl unable to work (From OE-Core rev: f7d186abca6ed9b48ae7393b8f244e1bfb46cb41) Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: remove 3 patchesRobert Yang2015-04-303-107/+0
| | | | | | | | | | | | | | | Removed: - openssl-avoid-NULL-pointer-dereference-in-dh_pub_encode.patch - upgate-vegsion-script-for-1.0.2.patch Since they are already in the source. - make-targets.patch It removed test dir from DIRS, which is not needed any more since we need build it. (From OE-Core rev: 5fa533c69f92f2dd46c795509b0830b36413b814) Signed-off-by: Robert Yang <liezhi.yang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* crypto: use bigint in x86-64 perlArmin Kuster2015-04-151-0/+35
| | | | | | | | | | | | | | on some hosts openssl fails to build with this error: ghash-x86_64.s: Assembler messages: ghash-x86_64.s:890: Error: junk '.15473355479995e+19' after expression backported fix from community. (From OE-Core rev: 8230f873921d5c16106e3ebf57053a646bc6ad78) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: 1.0.2 -> 1.0.2aRichard Purdie2015-03-251-18/+21
| | | | | | | | | | | Patch updated to drop TERMIO flags since these are the default on Linux anyway (see https://git.openssl.org/?p=openssl.git;a=commit;h=64e6bf64b36136d487e2fbf907f09612e69ae911) Also drop patch merged upstream. (From OE-Core rev: 6cc1315b77bbdcc8f3a0d1e3132ad79ebbeeb2de) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: Upgrade to 1.0.2Saul Wold2015-03-1015-458/+512
| | | | | | | | | | | | | Rebased numerous patches removed aarch64 initial work since it's part of upstream now Imported a few additional patches from Debian to support the version-script and blacklist additional bad certificates. (From OE-Core rev: 10b689033551c37d6cafa284d82bdccd43f6113e) Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: upgrade to 1.0.1iPaul Eggleton2014-08-111-45/+0
| | | | | | | | | Removed one patch merged upstream. (From OE-Core rev: fc1d2b4ec7e7f5c5e2b3434bc8208967ead6f336) Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: fix ptestsPaul Eggleton2014-06-101-0/+30
| | | | | | | | | | | | | | Add some missing dependencies and fix the Makefile in order to get most of the ptest tests working (specifically test_bn, test_verify, test_cms, test_srp and test_heartbeat). test_verify still fails for unknown reasons (perhaps some of the now expired certificates weren't meant to have expired as far as the test is concerned?) but at least it has the certificates to run now. (From OE-Core rev: c679ec81c19dd2b5e366b713801785ce0ba5b49a) Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: upgrade to 1.0.1hPaul Eggleton2014-06-104-448/+45
| | | | | | | | | | | | | | | | | | | | | | Fixes the following security issues: * CVE-2014-0224 * CVE-2014-0221 * CVE-2014-0195 * CVE-2014-3470 The patch for CVE-2010-5298, CVE-2014-0198 and a fix for building the documentation are integrated upstream in this release and so were dropped. Additionally, a patch from upstream was added in order to fix a failure during do_compile_ptest_base. A similar upgrade was also submitted by Yao Xinpan <yaoxp@cn.fujitsu.com> and Lei Maohui <leimaohui@cn.fujitsu.com>. (From OE-Core rev: a3e80de6d423c272a287bf3538196b48ac5ddec1) Signed-off-by: Paul Eggleton <paul.eggleton@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: add openssl-CVE-2010-5298.patch SRC_URIRoy Li2014-05-291-0/+24
| | | | | | | | | | make openssl-CVE-2010-5298.patch truely work (From OE-Core rev: eab33442480cc27a5cd00b3f46984fea74b7c0f9) Signed-off-by: Roy Li <rongqing.li@windriver.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: update upstream status for a patchCristiana Voicu2014-05-081-0/+1
| | | | | | | | | | | The patch is not included in 1.0.1g, but it is included on 1.0.2 branch. (From OE-Core rev: f99ca886da274fafa212e354f9e4871eb7e59e87) Signed-off-by: Cristiana Voicu <cristiana.voicu@intel.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: fix CVE-2014-0198Maxin B. John2014-05-081-0/+23
| | | | | | | | | | | | | | A null pointer dereference bug was discovered in do_ssl3_write(). An attacker could possibly use this to cause OpenSSL to crash, resulting in a denial of service. https://access.redhat.com/security/cve/CVE-2014-0198 (From OE-Core rev: 580033721abbbb4302bc803ebc70c90e331e4587) Signed-off-by: Maxin B. John <maxin.john@enea.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: enable ptest supportMaxin B. John2014-04-292-0/+77
| | | | | | | | | | Install openssl test suite and run it as ptest. (From OE-Core rev: c48981d2d24a20978a17866fa478dde21bd96b91) Signed-off-by: Maxin B. John <maxin.john@enea.com> Signed-off-by: Saul Wold <sgw@linux.intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* openssl: Upgrade to v1.0.1gCristiana Voicu2014-04-0823-0/+6029
The trigger for the upgrade was the serious "heartbleed" vulnerability (CVE-2014-0160). More information: http://www.itnews.com.au/News/382068,serious-openssl-bug-renders-websites-wide-open.aspx Dropped obsolete patches, because the new version contains them: 0001-Fix-for-TLS-record-tampering-bug-CVE-2013-4353.patch 0001-Fix-DTLS-retransmission-from-previous-session.patch 0001-Use-version-in-SSL_METHOD-not-SSL-structure.patch Modified 2 patches (small changes), in order to apply properly: initial-aarch64-bits.patch openssl-fix-doc.patch Addresses CVEs: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0076 (From OE-Core rev: ff52836e1838590eeec7d7658e15b21d83cf8455) Signed-off-by: Cristiana Voicu <cristiana.voicu@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-06-27 14:59:38 +0000