openssl: Security fix via update to 1.0.2h

CVE-2016-2105 CVE-2016-2106 CVE-2016-2109 CVE-2016-2176 https://www.openssl.org/news/secadv/20160503.txt fixup openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch drop crypto_use_bigint_in_x86-64_perl.patch as that fix is in latest. (From OE-Core rev: c693f34f54257a8eca9fe8c5a9eee5647b7eeb0c) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Armin Kuster <akuster@mvista.com> 2016-05-03 16:46:05 -0700
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2016-05-17 21:27:07 +0100
commit: 73daaa207754e48efef59b516ad5601129cf4bac (patch)
tree: fc5f0fad04d6777dc61eb89d0069ae83bcf8c7b8 /meta/recipes-connectivity/openssl/openssl
parent: 776192eea7530aa9ffd4774d37bc5cfab84c51c4 (diff)
download: openembedded-core-73daaa207754e48efef59b516ad5601129cf4bac.tar.gz
1 files changed, 7 insertions, 7 deletions
diff --git a/meta/recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch b/meta/recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch
index cebc8cf0d0..f736e5c098 100644
--- a/meta/recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch
+++ b/meta/recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch
@@ -8,16 +8,16 @@ http://www.mail-archive.com/openssl-dev@openssl.org/msg32860.html
 
 Signed-off-by: Xufeng Zhang <xufeng.zhang@windriver.com>
 ---
-Index: openssl-1.0.2/crypto/evp/digest.c
+Index: openssl-1.0.2h/crypto/evp/digest.c
 ===================================================================
---- openssl-1.0.2.orig/crypto/evp/digest.c
-+++ openssl-1.0.2/crypto/evp/digest.c
-@@ -208,7 +208,7 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, c
-         return 0;
+--- openssl-1.0.2h.orig/crypto/evp/digest.c
++++ openssl-1.0.2h/crypto/evp/digest.c
+@@ -211,7 +211,7 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, c
+         type = ctx->digest;
      }
  #endif
 -    if (ctx->digest != type) {
 +    if (type && (ctx->digest != type)) {
-         if (ctx->digest && ctx->digest->ctx_size)
+         if (ctx->digest && ctx->digest->ctx_size) {
              OPENSSL_free(ctx->md_data);
-         ctx->digest = type;
+             ctx->md_data = NULL;
author	Armin Kuster <akuster@mvista.com>	2016-05-03 16:46:05 -0700
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2016-05-17 21:27:07 +0100
commit	73daaa207754e48efef59b516ad5601129cf4bac (patch)
tree	fc5f0fad04d6777dc61eb89d0069ae83bcf8c7b8 /meta/recipes-connectivity/openssl/openssl
parent	776192eea7530aa9ffd4774d37bc5cfab84c51c4 (diff)
download	openembedded-core-73daaa207754e48efef59b516ad5601129cf4bac.tar.gz