diff options
author | Armin Kuster <akuster@mvista.com> | 2016-05-03 16:46:05 -0700 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2016-05-09 08:03:57 +0100 |
commit | c693f34f54257a8eca9fe8c5a9eee5647b7eeb0c (patch) | |
tree | 51c7bb2926bd9c33ad2a6a91ee80d3d6a6273133 /meta/recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch | |
parent | 3d985512acdf1d7821c410d196fe372221555524 (diff) | |
download | openembedded-core-contrib-c693f34f54257a8eca9fe8c5a9eee5647b7eeb0c.tar.gz |
openssl: Security fix via update to 1.0.2h
CVE-2016-2105
CVE-2016-2106
CVE-2016-2109
CVE-2016-2176
https://www.openssl.org/news/secadv/20160503.txt
fixup openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch
drop crypto_use_bigint_in_x86-64_perl.patch as that fix is in latest.
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Diffstat (limited to 'meta/recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch')
-rw-r--r-- | meta/recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch | 14 |
1 files changed, 7 insertions, 7 deletions
diff --git a/meta/recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch b/meta/recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch index cebc8cf0d0..f736e5c098 100644 --- a/meta/recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch +++ b/meta/recipes-connectivity/openssl/openssl/openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch @@ -8,16 +8,16 @@ http://www.mail-archive.com/openssl-dev@openssl.org/msg32860.html Signed-off-by: Xufeng Zhang <xufeng.zhang@windriver.com> --- -Index: openssl-1.0.2/crypto/evp/digest.c +Index: openssl-1.0.2h/crypto/evp/digest.c =================================================================== ---- openssl-1.0.2.orig/crypto/evp/digest.c -+++ openssl-1.0.2/crypto/evp/digest.c -@@ -208,7 +208,7 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, c - return 0; +--- openssl-1.0.2h.orig/crypto/evp/digest.c ++++ openssl-1.0.2h/crypto/evp/digest.c +@@ -211,7 +211,7 @@ int EVP_DigestInit_ex(EVP_MD_CTX *ctx, c + type = ctx->digest; } #endif - if (ctx->digest != type) { + if (type && (ctx->digest != type)) { - if (ctx->digest && ctx->digest->ctx_size) + if (ctx->digest && ctx->digest->ctx_size) { OPENSSL_free(ctx->md_data); - ctx->digest = type; + ctx->md_data = NULL; |