From 81f1457d7e5092ced648993f3507fdee0165580f Mon Sep 17 00:00:00 2001
From: Ilya Yanok <yanok@emcraft.com>
Date: Tue, 18 Jan 2011 01:36:17 +0300
Subject: openssl: drop the valgrind patch that introduce a security hole

debian/valgrind.patch is the 'famous' Debian OpenSSL patch responsible
for everyone using Debian and derivatives changing their keys. All keys
generated with the patched OpenSSL are compromised so at very least we
have to drop this patch for good.

Signed-off-by: Ilya Yanok <yanok@emcraft.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>
---
 .../openssl/openssl-0.9.8p/debian/valgrind.patch          | 15 ---------------
 meta/recipes-connectivity/openssl/openssl_0.9.8p.bb       |  1 -
 2 files changed, 16 deletions(-)
 delete mode 100644 meta/recipes-connectivity/openssl/openssl-0.9.8p/debian/valgrind.patch

(limited to 'meta/recipes-connectivity')

diff --git a/meta/recipes-connectivity/openssl/openssl-0.9.8p/debian/valgrind.patch b/meta/recipes-connectivity/openssl/openssl-0.9.8p/debian/valgrind.patch
deleted file mode 100644
index e9f86eabbf..0000000000
--- a/meta/recipes-connectivity/openssl/openssl-0.9.8p/debian/valgrind.patch
+++ /dev/null
@@ -1,15 +0,0 @@
-Index: openssl-0.9.8k/crypto/rand/md_rand.c
-===================================================================
---- openssl-0.9.8k.orig/crypto/rand/md_rand.c	2008-09-16 13:50:05.000000000 +0200
-+++ openssl-0.9.8k/crypto/rand/md_rand.c	2009-07-19 11:36:05.000000000 +0200
-@@ -477,8 +477,10 @@
- 		MD_Update(&m,local_md,MD_DIGEST_LENGTH);
- 		MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c));
- #ifndef PURIFY
-+#if 0 /* Don't add uninitialised data. */
- 		MD_Update(&m,buf,j); /* purify complains */
- #endif
-+#endif
- 		k=(st_idx+MD_DIGEST_LENGTH/2)-st_num;
- 		if (k > 0)
- 			{
diff --git a/meta/recipes-connectivity/openssl/openssl_0.9.8p.bb b/meta/recipes-connectivity/openssl/openssl_0.9.8p.bb
index 3ae6bf456e..283b82add0 100644
--- a/meta/recipes-connectivity/openssl/openssl_0.9.8p.bb
+++ b/meta/recipes-connectivity/openssl/openssl_0.9.8p.bb
@@ -13,7 +13,6 @@ SRC_URI += "file://debian/ca.patch \
             file://debian/no-symbolic.patch \
             file://debian/pic.patch \
             file://debian/pkg-config.patch \
-            file://debian/valgrind.patch \
             file://debian/rc4-amd64.patch \
             file://debian/rehash-crt.patch \
             file://debian/rehash_pod.patch \
-- 
cgit v1.2.3-54-g00ecf