[Buildroot] [PATCH] openssl: security bump to version 1.0.2b
Thomas Petazzoni
thomas.petazzoni at free-electrons.com
Fri Jun 12 19:29:39 UTC 2015
Dear Gustavo Zacarias,
On Fri, 12 Jun 2015 08:35:59 -0300, Gustavo Zacarias wrote:
> CVE-2015-1790 - PKCS7 crash with missing EnvelopedContent
> CVE-2015-1789 - Exploitable out-of-bounds read in X509_cmp_time
> CVE-2015-1788 - Malformed ECParameters causes infinite loop
> CVE-2015-1792 - CMS verify infinite loop with unknown hash function
> CVE-2015-1791 - Race condition handling NewSessionTicket
>
> Signed-off-by: Gustavo Zacarias <gustavo at zacarias.com.ar>
> ---
> ...-match-commands-starting-with-minus-inste.patch | 27 ----------------------
> package/openssl/openssl.hash | 8 +++----
> package/openssl/openssl.mk | 2 +-
> 3 files changed, 5 insertions(+), 32 deletions(-)
> delete mode 100644 package/openssl/005-Make-c_rehash-match-commands-starting-with-minus-inste.patch
Applied, thanks.
Thomas
--
Thomas Petazzoni, CTO, Free Electrons
Embedded Linux, Kernel and Android engineering
http://free-electrons.com
More information about the buildroot
mailing list