Age | Commit message (Collapse) | Author |
|
The backported upgrade to 1.0.2h included an updated GNU LD
version-script which results in an ABI change. In order to try and
respect ABI for existing binaries built against fido this commit
partially reverts the version-script to maintain the existing ABI
and instead only add the new symbols required by 1.0.2h.
Suggested-by: Martin Jansa <martin.jansa@gmail.com>
(From OE-Core rev: 480db6be99f9a53d8657b31b846f0079ee1a124f)
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
* CVEs:
- CVE-2016-0705
- CVE-2016-0798
- CVE-2016-0797
- CVE-2016-0799
- CVE-2016-0702
- CVE-2016-0703
- CVE-2016-0704
- CVE-2016-2105
- CVE-2016-2106
- CVE-2016-2109
- CVE-2016-2176
* The LICENSE's checksum is changed because of date changes (2011 ->
2016), the contents are the same.
* Remove backport patches
- 0001-Add-test-for-CVE-2015-3194.patch
- CVE-2015-3193-bn-asm-x86_64-mont5.pl-fix-carry-propagating-bug-CVE.patch
- CVE-2015-3194-1-Add-PSS-parameter-check.patch
- CVE-2015-3195-Fix-leak-with-ASN.1-combine.patch
- CVE-2015-3197.patch
- CVE-2016-0701_1.patch
- CVE-2016-0701_2.patch
- CVE-2016-0800.patch
- CVE-2016-0800_2.patch
- CVE-2016-0800_3.patch
* Update crypto_use_bigint_in_x86-64_perl.patch
* Add version-script.patch and update block_diginotar.patch (From master branch)
* Update openssl-avoid-NULL-pointer-dereference-in-EVP_DigestInit_ex.patch
(From Armin)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
padlock_conf.patch will enable the padlock engine by default,
but this engine does not work on some 32bit machine, and lead
to openssl unable to work
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Rebased numerous patches
removed aarch64 initial work since it's part of upstream now
Imported a few additional patches from Debian to support the version-script
and blacklist additional bad certificates.
Signed-off-by: Saul Wold <sgw@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|