sysmo-bts
/
generic-poky
9
0
Fork 0
Code Pull Requests Releases Activity
generic-poky/meta/recipes-connectivity/openssl/openssl-1.0.1e
History
Holger Hans Peter Freyther ceac7bd7b9 openssl: Apply patches from RHEL to address open CVEs 
The patches were taken from openssl-1.0.1e-51.el7_2.2.src.rpm and
apply all CVEs that were not applied yet. Document which patches
were not applied. There should be another openssl version soon as
the next round of fixes was announced for the 1st of March.

After the upgrade "opkg update with https feeds" and "openvpn against
netport" were tested. They seem to work.

Fixes: SYS#2448
 		2016-02-27 17:14:08 +01:00
..
debian openssl: update range information in man-section.patch 2013-04-16 12:06:40 +01:00
rhel openssl: Apply patches from RHEL to address open CVEs 2016-02-27 17:14:08 +01:00
0001-Fix-DTLS-retransmission-from-previous-session.patch Security Advisory - openssl - CVE-2013-6450 2014-04-09 09:00:40 +01:00
0001-Fix-for-TLS-record-tampering-bug-CVE-2013-4353.patch Security Advisory - openssl - CVE-2013-4353 2014-04-09 09:00:40 +01:00
0001-Use-version-in-SSL_METHOD-not-SSL-structure.patch Security Advisory - openssl - CVE-2013-6449 2014-04-09 09:00:40 +01:00
CVE-2014-0160.patch openssl: backport fix for CVE-2014-0160 2014-04-09 09:00:40 +01:00
configure-targets.patch openssl: Upgrade to v1.0.1e 2013-04-09 13:16:53 +01:00
engines-install-in-libdir-ssl.patch openssl: Upgrade to v1.0.1e 2013-04-09 13:16:53 +01:00
find.pl openssl: Upgrade to v1.0.1e 2013-04-09 13:16:53 +01:00
fix-cipher-des-ede3-cfb1.patch openssl: Add fix for cipher des-ede3-cfb1 2013-06-17 16:45:36 +01:00
oe-ldflags.patch openssl: Upgrade to v1.0.1e 2013-04-09 13:16:53 +01:00
openssl-1.0.1e-cve-2014-0195.patch openssl: fix CVE-2014-0195 2014-06-10 17:12:23 +01:00
openssl-1.0.1e-cve-2014-0198.patch openssl: use upstream fix for CVE-2014-0198 2014-06-10 17:12:24 +01:00
openssl-1.0.1e-cve-2014-0221.patch openssl: fix CVE-2014-0221 2014-06-10 17:12:24 +01:00
openssl-1.0.1e-cve-2014-0224.patch openssl: fix CVE-2014-0224 2014-06-10 17:12:24 +01:00
openssl-1.0.1e-cve-2014-3470.patch openssl: fix CVE-2014-3470 2014-06-10 17:12:24 +01:00
openssl-CVE-2010-5298.patch openssl: fix for CVE-2010-5298 2014-06-10 17:12:24 +01:00
openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch openssl: avoid NULL pointer dereference in three places 2013-08-26 11:47:17 +01:00
openssl-avoid-NULL-pointer-dereference-in-dh_pub_encode.patch openssl: avoid NULL pointer dereference in three places 2013-08-26 11:47:17 +01:00
openssl-fix-CVE-2014-3513.patch openssl: Fix for CVE-2014-3513 2016-01-27 14:22:00 +01:00
openssl-fix-CVE-2014-3566.patch openssl: Fix for CVE-2014-3566 2016-01-27 14:21:49 +01:00
openssl-fix-CVE-2014-3567.patch openssl: Fix for CVE-2014-3567 2016-01-27 14:22:11 +01:00
openssl-fix-CVE-2014-3568.patch openssl: Fix for CVE-2014-3568 2016-01-27 14:22:24 +01:00
openssl-fix-doc.patch openssl: fix documentation build errors with Perl 5.18 pod2man 2013-05-30 21:10:22 +01:00
openssl-fix-link.patch openssl: Upgrade to v1.0.1e 2013-04-09 13:16:53 +01:00
openssl_fix_for_x32.patch openssl: Upgrade to v1.0.1e 2013-04-09 13:16:53 +01:00
shared-libs.patch openssl: Upgrade to v1.0.1e 2013-04-09 13:16:53 +01:00