openssl: drop the valgrind patch that introduce a security hole
debian/valgrind.patch is the 'famous' Debian OpenSSL patch responsible for everyone using Debian and derivatives changing their keys. All keys generated with the patched OpenSSL are compromised so at very least we have to drop this patch for good. Signed-off-by: Ilya Yanok <yanok@emcraft.com> Signed-off-by: Saul Wold <sgw@linux.intel.com>
This commit is contained in:
parent
05cb09b2ff
commit
81f1457d7e
|
@ -1,15 +0,0 @@
|
|||
Index: openssl-0.9.8k/crypto/rand/md_rand.c
|
||||
===================================================================
|
||||
--- openssl-0.9.8k.orig/crypto/rand/md_rand.c 2008-09-16 13:50:05.000000000 +0200
|
||||
+++ openssl-0.9.8k/crypto/rand/md_rand.c 2009-07-19 11:36:05.000000000 +0200
|
||||
@@ -477,8 +477,10 @@
|
||||
MD_Update(&m,local_md,MD_DIGEST_LENGTH);
|
||||
MD_Update(&m,(unsigned char *)&(md_c[0]),sizeof(md_c));
|
||||
#ifndef PURIFY
|
||||
+#if 0 /* Don't add uninitialised data. */
|
||||
MD_Update(&m,buf,j); /* purify complains */
|
||||
#endif
|
||||
+#endif
|
||||
k=(st_idx+MD_DIGEST_LENGTH/2)-st_num;
|
||||
if (k > 0)
|
||||
{
|
|
@ -13,7 +13,6 @@ SRC_URI += "file://debian/ca.patch \
|
|||
file://debian/no-symbolic.patch \
|
||||
file://debian/pic.patch \
|
||||
file://debian/pkg-config.patch \
|
||||
file://debian/valgrind.patch \
|
||||
file://debian/rc4-amd64.patch \
|
||||
file://debian/rehash-crt.patch \
|
||||
file://debian/rehash_pod.patch \
|
||||
|
|
Loading…
Reference in New Issue