From a200115c769eff4b9b0241d54ed5ad86da08fdbc Mon Sep 17 00:00:00 2001 From: Stefan Agner Date: Sat, 18 Nov 2017 09:53:54 +0100 Subject: openssl10: Upgrade 1.0.2l -> 1.0.2m Deals with two CVEs: * bn_sqrx8x_internal carry bug on x86_64 (CVE-2017-3736) * Malformed X.509 IPAddressFamily could cause OOB read (CVE-2017-3735) Signed-off-by: Stefan Agner Acked-by: Otavio Salvador Signed-off-by: Ross Burton --- .../openssl/openssl-1.0.2m/debian1.0.2/soname.patch | 15 +++++++++++++++ 1 file changed, 15 insertions(+) create mode 100644 meta/recipes-connectivity/openssl/openssl-1.0.2m/debian1.0.2/soname.patch (limited to 'meta/recipes-connectivity/openssl/openssl-1.0.2m/debian1.0.2/soname.patch') diff --git a/meta/recipes-connectivity/openssl/openssl-1.0.2m/debian1.0.2/soname.patch b/meta/recipes-connectivity/openssl/openssl-1.0.2m/debian1.0.2/soname.patch new file mode 100644 index 0000000000..09dd9eaf86 --- /dev/null +++ b/meta/recipes-connectivity/openssl/openssl-1.0.2m/debian1.0.2/soname.patch @@ -0,0 +1,15 @@ +Upstream-Status: Inappropriate + +Index: openssl-1.0.2d/crypto/opensslv.h +=================================================================== +--- openssl-1.0.2d.orig/crypto/opensslv.h ++++ openssl-1.0.2d/crypto/opensslv.h +@@ -88,7 +88,7 @@ extern "C" { + * should only keep the versions that are binary compatible with the current. + */ + # define SHLIB_VERSION_HISTORY "" +-# define SHLIB_VERSION_NUMBER "1.0.0" ++# define SHLIB_VERSION_NUMBER "1.0.2" + + + #ifdef __cplusplus -- cgit 1.2.3-korg