linux/poky.git - Mirror of git.yoctoproject.org/poky

	Commit message (Collapse)	Author	Age	Files	Lines
*	openssl: upgrade to 1.0.1p	Tudor Florea	2015-07-10	1	-56/+0
\| \| \| \| \| \| \|	This upgrade fixes CVE-2015-1793 Removed openssl-fix-link.patch. The linking issue has been fixed in openssl. Signed-off-by: Tudor Florea <tudor.florea@enea.com>
*	openssl: Upgrade to 1.0.1o to address some CVEs	Tudor Florea	2015-07-07	1	-0/+56
	Upgrade from 1.0.1m to 1.0.1n addresses following vulnerabilities: CVE-2015-4000, DHE man-in-the-middle protection (Logjam) CVE-2015-1788, Malformed ECParameters causes infinite loop CVE-2015-1789, Exploitable out-of-bounds read in X509_cmp_time CVE-2015-1790, PKCS7 crash with missing EnvelopedContent CVE-2015-1791, Race condition handling NewSessionTicket CVE-2015-1792, CMS verify infinite loop with unknown hash function Upgrade from 1.0.1n to 1.0.1o fixes ABI compatibility issues: Fix HMAC ABI incompatibility. The previous version introduced an ABI incompatibility in the handling of HMAC. The previous ABI has now been restored. References: http://openssl.org/news/secadv_20150611.txt https://github.com/openssl/openssl/blob/OpenSSL_1_0_1-stable/CHANGES Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com> Signed-off-by: Tudor Florea <tudor.florea@enea.com>