<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux/poky.git/meta/recipes-connectivity/openssl/openssl10, branch master</title>
<subtitle>Mirror of git.yoctoproject.org/poky</subtitle>
<id>https://git.enea.com/cgit/linux/poky.git/atom?h=master</id>
<link rel='self' href='https://git.enea.com/cgit/linux/poky.git/atom?h=master'/>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/'/>
<updated>2019-05-15T16:53:29+00:00</updated>
<entry>
<title>openssl: Remove openssl10</title>
<updated>2019-05-15T16:53:29+00:00</updated>
<author>
<name>Adrian Bunk</name>
<email>bunk@stusta.de</email>
</author>
<published>2019-05-12T19:53:19+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=a98ac2a39b30b3a3e94669616900547b0b87992a'/>
<id>urn:sha1:a98ac2a39b30b3a3e94669616900547b0b87992a</id>
<content type='text'>
OpenSSL 1.0 has been replaced by 1.1, and it would be harder
to security-support after the upstream EOL at the end of 2019.

(From OE-Core rev: 0f7ffcaa18db7bc27f30c994aafbb9f4f8b2ae7e)

Signed-off-by: Adrian Bunk &lt;bunk@stusta.de&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>openssl10: Fix mutliple include assumptions for des.h in opensslconf.h</title>
<updated>2019-03-03T15:38:13+00:00</updated>
<author>
<name>Denys Dmytriyenko</name>
<email>denys@ti.com</email>
</author>
<published>2019-03-01T20:05:59+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=8d1b011b44d9ada7a11a095082d1d607cbf8a74b'/>
<id>urn:sha1:8d1b011b44d9ada7a11a095082d1d607cbf8a74b</id>
<content type='text'>
The fix is heavily based on Khem's previous fix for bn.h/BN_LLONG breakage:
https://git.openembedded.org/openembedded-core/commit/?id=f787b0bb9b0626ddbf2ac94cb206c76716a3773d

(From OE-Core rev: 914e1520bf9c45e14bce9993c9131a2c0702b9c9)

Signed-off-by: Denys Dmytriyenko &lt;denys@ti.com&gt;
Cc: Khem Raj &lt;raj.khem@gmail.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>openssl10: Fix mutliple include assumptions for bn.h in opensslconf.h</title>
<updated>2019-02-08T10:57:19+00:00</updated>
<author>
<name>Khem Raj</name>
<email>raj.khem@gmail.com</email>
</author>
<published>2019-02-07T06:25:26+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=be3745522dd60f8f63658d8ecebc2dd79209d70b'/>
<id>urn:sha1:be3745522dd60f8f63658d8ecebc2dd79209d70b</id>
<content type='text'>
After adding #pragma once to wrapper header ( opensslconf.h ) this
latent issue got to bite us, where it expect bn.h to be including
openssl.h to define BN_* defines, which is fragile. This patch removes
the contraints for nested includes for bn.h

(From OE-Core rev: f787b0bb9b0626ddbf2ac94cb206c76716a3773d)

Signed-off-by: Khem Raj &lt;raj.khem@gmail.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>openssl10: update to 1.0.2q</title>
<updated>2018-11-23T23:35:18+00:00</updated>
<author>
<name>Alexander Kanavin</name>
<email>alex.kanavin@gmail.com</email>
</author>
<published>2018-11-22T15:41:22+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=476b644ef1e72f3bb7b814e3c2cca1d262f26cdd'/>
<id>urn:sha1:476b644ef1e72f3bb7b814e3c2cca1d262f26cdd</id>
<content type='text'>
(From OE-Core rev: 03149ca307282c22dd9ceb6fe3224bf586b03f6d)

Signed-off-by: Alexander Kanavin &lt;alex.kanavin@gmail.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>openssl: fix CVE-2018-0734 for both 1.0.2p and 1.1.1</title>
<updated>2018-11-07T23:08:54+00:00</updated>
<author>
<name>Kai Kang</name>
<email>kai.kang@windriver.com</email>
</author>
<published>2018-11-02T08:02:13+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=d5fe5c654b7d36dcbea03231320cb6edbb6788c0'/>
<id>urn:sha1:d5fe5c654b7d36dcbea03231320cb6edbb6788c0</id>
<content type='text'>
Backport patches to fix CVE-2018-0734 for both openssl 1.0.2p and 1.1.1
versions.

(From OE-Core rev: 9d5c6a87eb72a8b8b8d417126a831565982ca9a6)

Signed-off-by: Kai Kang &lt;kai.kang@windriver.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>openssl10: fix compile error for debian-mips64</title>
<updated>2018-09-20T12:41:32+00:00</updated>
<author>
<name>Changqing Li</name>
<email>changqing.li@windriver.com</email>
</author>
<published>2018-09-19T08:26:46+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=fb7b9e2d15224b175a577f0687843cafc345cec2'/>
<id>urn:sha1:fb7b9e2d15224b175a577f0687843cafc345cec2</id>
<content type='text'>
Current configuration for debian-mips64 is not correct,
'SIXTY_FOUR_BIT_LONG' need to be specified. otherwise,
it will cause other recipe like crda compile failed since
use default THIRTY_TWO_BIT mode.

(From OE-Core rev: 68f82ceb289149885eb0b04547cb4f79a680183b)

Signed-off-by: Changqing Li &lt;changqing.li@windriver.com&gt;
Signed-off-by: Ross Burton &lt;ross.burton@intel.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>openssl: rename openssl 1.0.x to openssl10 and make openssl 1.1.x the default version</title>
<updated>2018-09-04T10:03:56+00:00</updated>
<author>
<name>Alexander Kanavin</name>
<email>alexander.kanavin@linux.intel.com</email>
</author>
<published>2018-08-28T10:23:12+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=df15a4c914177024f1825aacb4701fd232e1dd58'/>
<id>urn:sha1:df15a4c914177024f1825aacb4701fd232e1dd58</id>
<content type='text'>
I believe the time has come to do this: openssl 1.0 upstream support stops at the end
of 2019, and we do not want a situation where a supported YP release contains an
unsupported version of a critical security component.

Openssl 1.0 can still be utilized by depending on 'openssl10' recipe.

(From OE-Core rev: 876466145f2da93757ba3f92177d0f959f5fe975)

Signed-off-by: Alexander Kanavin &lt;alexander.kanavin@linux.intel.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>openssl10: rename back to openssl and make it the default via PREFERRED_VERSION</title>
<updated>2017-08-19T21:15:39+00:00</updated>
<author>
<name>Alexander Kanavin</name>
<email>alexander.kanavin@linux.intel.com</email>
</author>
<published>2017-08-18T19:31:29+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=7a4361c506ac24bafcf294f498d00278f11c3bd4'/>
<id>urn:sha1:7a4361c506ac24bafcf294f498d00278f11c3bd4</id>
<content type='text'>
openssl 1.1 broke 3rd party layers a lot more than was expected; let's flip
the switch at the start of next development cycle.

Add a PROVIDES = "openssl10" to openssl 1.0 recipe; any dependency that is
not compatible with 1.1 should use that in its DEPENDS, as the 1.0
recipe will later be renamed back to openssl10. This does not always work:
http://lists.openembedded.org/pipermail/openembedded-core/2017-August/140957.html
but for many recipes it does.

(From OE-Core rev: 5585103c195104e85ed7ac1455bef91b2e88a04d)

Signed-off-by: Alexander Kanavin &lt;alexander.kanavin@linux.intel.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>openssl: add a 1.1 version</title>
<updated>2017-08-13T08:27:38+00:00</updated>
<author>
<name>Alexander Kanavin</name>
<email>alexander.kanavin@linux.intel.com</email>
</author>
<published>2017-08-08T15:30:48+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=e326733d69181a03af7a4f837ea78fce348fdf00'/>
<id>urn:sha1:e326733d69181a03af7a4f837ea78fce348fdf00</id>
<content type='text'>
Existing openssl 1.0 recipe is renamed to openssl10; it will
continue to be provided for as long as upstream supports it
(and there are still several recipes which do not work with openssl
1.1 due to API differences).

A few files (such as openssl binary) are no longer installed by openssl 1.0,
because they clash with openssl 1.1.

(From OE-Core rev: da1183f9fa5e06fbe66b5b31eb3313d5d35d11e3)

Signed-off-by: Alexander Kanavin &lt;alexander.kanavin@linux.intel.com&gt;
Signed-off-by: Ross Burton &lt;ross.burton@intel.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
</feed>
