diff options
author | Ovidiu Panait <ovidiu.panait@windriver.com> | 2022-03-20 11:29:13 +0200 |
---|---|---|
committer | Anuj Mittal <anuj.mittal@intel.com> | 2022-03-25 09:38:32 +0800 |
commit | efb991167652b148da299e6297da5ab2d715e2b4 (patch) | |
tree | 319d55bf2abf5d788fc98a916419c6c3c15987c0 | |
parent | bcef80623f015c006778edee5cf40dad063e51db (diff) | |
download | openembedded-core-contrib-efb991167652b148da299e6297da5ab2d715e2b4.tar.gz |
openssl: upgrade 1.1.1l -> 1.1.1n
Upgrade openssl 1.1.1l -> 1.1.1n to fix CVE-2022-0778:
https://nvd.nist.gov/vuln/detail/CVE-2022-0778
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65
This also fixes an evp_extra_test ptest failure introduced by openssl-1.1.1m:
"""
not ok 19 - test_signatures_with_engine
ERROR: (ptr) 'e = ENGINE_by_id(engine_id) != NULL' failed @ ../openssl-1.1.1m/test/evp_extra_test.c:1890
0x0
not ok 20 - test_cipher_with_engine
<snip>
"""
The ptest change is already present in Yocto master since oe-core
commit 5cd40648b0ba ("openssl: upgrade to 3.0.1").
Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
-rw-r--r-- | meta/recipes-connectivity/openssl/openssl_1.1.1n.bb (renamed from meta/recipes-connectivity/openssl/openssl_1.1.1l.bb) | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/meta/recipes-connectivity/openssl/openssl_1.1.1l.bb b/meta/recipes-connectivity/openssl/openssl_1.1.1n.bb index 50500eebc2..df13abf54e 100644 --- a/meta/recipes-connectivity/openssl/openssl_1.1.1l.bb +++ b/meta/recipes-connectivity/openssl/openssl_1.1.1n.bb @@ -29,7 +29,7 @@ SRC_URI_append_riscv32 = " \ file://0004-Fixup-support-for-io_pgetevents_time64-syscall.patch \ " -SRC_URI[sha256sum] = "0b7a3e5e59c34827fe0c3a74b7ec8baef302b98fa80088d7f9153aa16fa76bd1" +SRC_URI[sha256sum] = "40dceb51a4f6a5275bde0e6bf20ef4b91bfc32ed57c0552e2e8e15463372b17a" inherit lib_package multilib_header multilib_script ptest MULTILIB_SCRIPTS = "${PN}-bin:${bindir}/c_rehash" @@ -204,6 +204,7 @@ do_install_ptest () { install -m755 ${B}/apps/CA.pl ${D}${PTEST_PATH}/apps install -d ${D}${PTEST_PATH}/engines + install -m755 ${B}/engines/dasync.so ${D}${PTEST_PATH}/engines install -m755 ${B}/engines/ossltest.so ${D}${PTEST_PATH}/engines # seems to be needed with perl 5.32.1 |