mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-04-29 09:32:11 +02:00
Code Issues Packages Projects Releases Wiki Activity

openssl: upgrade to 1.0.2c

Browse Source 
upgrade to fix the CVE: CVE-2015-1788..CVE-2015-1792 and CVE-2014-8176
remove a backport patch
update the c_rehash-compat.patch

(From OE-Core master rev: 5a70e45b8c6cb0fa7ea4fe1b326ad604508d00cb)

(From OE-Core rev: 7bc77f508a6ba6a409568be818a1795770261dc6)

Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Joshua Lock <joshua.lock@collabora.co.uk>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
Roy Li
2015-06-24 10:10:18 +08:00
committed by Richard Purdie
parent ee88b51cf2
commit 0b506a72f4
2 changed files with 11 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
meta/recipes-connectivity/openssl/openssl/debian/c_rehash-compat.patch
View File

@@ -5,14 +5,10 @@ Subject: [PATCH] also create old hash for compatibility
Upstream-Status: Backport [debian]
---
tools/c_rehash.in | 8 +++++++-
1 files changed, 7 insertions(+), 1 deletions(-)
Index: openssl-1.0.2~beta3/tools/c_rehash.in
===================================================================
--- openssl-1.0.2~beta3.orig/tools/c_rehash.in
+++ openssl-1.0.2~beta3/tools/c_rehash.in
diff --git a/tools/c_rehash.in b/tools/c_rehash.in
index b086ff9..b777d79 100644
--- a/tools/c_rehash.in
+++ b/tools/c_rehash.in
@@ -8,8 +8,6 @@ my $prefix;
my $openssl = $ENV{OPENSSL} || "openssl";
@@ -23,14 +19,14 @@ Index: openssl-1.0.2~beta3/tools/c_rehash.in
my $symlink_exists=eval {symlink("",""); 1};
my $removelinks = 1;
@@ -18,10 +16,7 @@ my $removelinks = 1;
while ( $ARGV[0] =~ '-.*' ) {
while ( $ARGV[0] =~ /^-/ ) {
my $flag = shift @ARGV;
last if ( $flag eq '--');
- if ( $flag =~ /-old/) {
- if ( $flag eq '-old') {
- $x509hash = "-subject_hash_old";
- $crlhash = "-hash_old";
- } elsif ( $flag =~ /-h/) {
+ if ( $flag =~ /-h/) {
- } elsif ( $flag eq '-h') {
+ if ( $flag eq '-h') {
help();
} elsif ( $flag eq '-n' ) {
$removelinks = 0;
@@ -52,7 +48,7 @@ Index: openssl-1.0.2~beta3/tools/c_rehash.in
$fname =~ s/'/'\\''/g;
my ($hash, $fprint) = `"$openssl" x509 $x509hash -fingerprint -noout -in "$fname"`;
chomp $hash;
@@ -177,10 +175,20 @@ sub link_hash_cert {
@@ -176,11 +174,21 @@ sub link_hash_cert {
$hashlist{$hash} = $fprint;
}

4
meta/recipes-connectivity/openssl/openssl_1.0.2a.bb → meta/recipes-connectivity/openssl/openssl_1.0.2c.bb
View File

@@ -38,8 +38,8 @@ SRC_URI += "file://configure-targets.patch \
file://crypto_use_bigint_in_x86-64_perl.patch \
"
SRC_URI[md5sum] = "a06c547dac9044161a477211049f60ef"
SRC_URI[sha256sum] = "15b6393c20030aab02c8e2fe0243cb1d1d18062f6c095d67bca91871dc7f324a"
SRC_URI[md5sum] = "8c8d81a9ae7005276e486702edbcd4b6"
SRC_URI[sha256sum] = "0038ba37f35a6367c58f17a7a7f687953ef8ce4f9684bbdec63e62515ed36a83"
PACKAGES =+ " \
${PN}-engines \