openssl: Security fix CVE-2016-2181

affects openssl < 1.0.1i

Signed-off-by: Armin Kuster <akuster@mvista.com>

1 files changed, 30 insertions, 0 deletions

diff --git a/meta/recipes-connectivity/openssl/openssl/CVE-2016-2181_p3.patch b/meta/recipes-connectivity/openssl/openssl/CVE-2016-2181_p3.patch
new file mode 100644
index 0000000000..a752f89ff0
--- /dev/null
+++ b/meta/recipes-connectivity/openssl/openssl/CVE-2016-2181_p3.patch
@@ -0,0 +1,30 @@
+From 26aebca74e38ae09f673c2045cc8e2ef762d265a Mon Sep 17 00:00:00 2001
+From: Matt Caswell <matt@openssl.org>
+Date: Wed, 17 Aug 2016 17:55:36 +0100
+Subject: [PATCH] Update function error code
+
+A function error code needed updating due to merge issues.
+
+Reviewed-by: Richard Levitte <levitte@openssl.org>
+
+Upstream-Status: Backport
+CVE: CVE-2016-2181 patch 3
+Signed-off-by: Armin Kuster <akuster@mvista.com>
+
+---
+ ssl/ssl.h | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+Index: openssl-1.0.2h/ssl/ssl.h
+===================================================================
+--- openssl-1.0.2h.orig/ssl/ssl.h
++++ openssl-1.0.2h/ssl/ssl.h
+@@ -2623,7 +2623,7 @@ void ERR_load_SSL_strings(void);
+ # define SSL_F_DTLS1_HEARTBEAT                            305
+ # define SSL_F_DTLS1_OUTPUT_CERT_CHAIN                    255
+ # define SSL_F_DTLS1_PREPROCESS_FRAGMENT                  288
+-# define SSL_F_DTLS1_PROCESS_BUFFERED_RECORDS             404
++# define SSL_F_DTLS1_PROCESS_BUFFERED_RECORDS             424
+ # define SSL_F_DTLS1_PROCESS_OUT_OF_SEQ_MESSAGE           256
+ # define SSL_F_DTLS1_PROCESS_RECORD                       257
+ # define SSL_F_DTLS1_READ_BYTES                           258