diff options
| author | Andrew Geissler <geissonator@yahoo.com> | 2019-02-26 03:54:23 +0300 |
|---|---|---|
| committer | Andrew Geissler <geissonator@yahoo.com> | 2019-02-26 03:55:01 +0300 |
| commit | 99467dab23c4af816958fdd98218ca613308b402 (patch) | |
| tree | de31fa6e710794fb8435279b8cc7f48dbe241f26 /poky/meta/recipes-connectivity/openssl/openssl10 | |
| parent | 0c13e4cf5913a901598c0c13ba172ce6e5a7b4f6 (diff) | |
| download | openbmc-99467dab23c4af816958fdd98218ca613308b402.tar.xz | |
poky: refresh thud: b904775c2b..7c76c5d78b
Update poky to thud HEAD.
Adam Trhon (1):
icecc-env: don't raise error when icecc not installed
Alexander Kanavin (1):
openssl10: update to 1.0.2q
Armin Kuster (1):
perl: add testdepends for ssh
Bruce Ashfield (2):
linux-yocto/4.18: update to v4.18.26
linux-yocto/4.18: update to v4.18.27
Changqing Li (1):
checklayer: generate locked-sigs.inc under builddir
Dan Dedrick (2):
devtool: remove duplicate overrides
devtool: improve git repo checks before check_commits logic
Daniel Ammann (1):
ref-manual: Typo found and fixed.
Douglas Royds (2):
openssl ptest: Strip build host paths from configdata.pm
openssl: Strip perl version from installed ptest configdata.pm file
Dustin Bain (1):
busybox: update to 1.29.3
Jan Kiszka (1):
oe-git-proxy: Avoid resolving NO_PROXY against local files
Jens Rehsack (1):
avahi: avoid depending on skipped package
Jonas Bonn (1):
keymaps: tighten package write dependency
Kai Kang (1):
selftest/wic: update test case test_qemu
Khem Raj (3):
openssl10: Fix mutliple include assumptions for bn.h in opensslconf.h
send-error-report: Use https instead of http protocol
multilib_header_wrapper.h: Use #pragma once
Leonardo Augusto (1):
scripts/lib/wic/engine: Fix cp's target path for ext* filesystems
Liu Haitao (1):
iw: fix parsing of WEP keys
Mingli Yu (1):
logrotate.py: restore /etc/logrotate.d/wtmp
Otavio Salvador (1):
linux-firmware: Bump to 710963f revision
Ovidiu Panait (1):
ghostscript: Fix CVE-2019-6116
Peter Kjellerstedt (1):
libaio: Extend to native
Richard Purdie (23):
package: Add pkg_postinst_ontarget to PACKAGEVARS
oeqa/runtime/ptest: Avoid traceback for tests with no section
oeqa/utils/logparser: Simplify ptest log parsing code
oeqa/logparser: Further simplification/clarification
oeqa/logparser: Reform the ptest results parser
oeqa/utils/logparser: Add in support for duration, exitcode and logs by section
oeqa/logparser: Improve results handling
oeqa/logparser: Various misc cleanups
oeqa/runtime/ptest: Ensure OOM errors are logged
scripts/contrib/build-perf-test-wrapper.sh: Improve interaction with autobuilder automation
scripts/contrib/build-perf-test.sh: Remove it
oe-build-perf-report: Allow branch without hostname
oe-build-perf-report: Allow commits from different branches
oe-build-perf-report: Improve branch comparision handling
oe-build-perf-report: Fix missing buildstats comparisions
wic/engine: Fix missing parted autobuilder failures
lib/buildstats: Improve error message
scripts/oe-git-archive: Separate out functionality to library function
oe-build-perf-report/gitarchive: Move common useful functions to library
bitbake: runqueue: Fix dependency loop analysis 'hangs'
bitbake: runqueue: Filter out multiconfig dependencies from BB_TASKDEPDATA
bitbake: siggen: Fix multiconfig corner case
bitbake: cooker: Tweak multiconfig dependency resolution
Robert Yang (5):
bluez5: Fix a race issue for tools
yocto-check-layer-wrapper: Fix path for oe-init-build-env
checklayer: Avoid adding the layer if it is already present
runqemu: Let qemuparams override default settings
runqemu: Make QB_MEM easier to set
Ross Burton (3):
e2fsprogs: fix file system generation with large files
linux-firmware: recommend split up packages
linux-firmware: split out liquidio firmware
Scott Rifenbark (2):
poky.ent: Updated "meta-intel" version to "10.1"
overview-manual, mega-manual: Updated Package Feeds diagram
Serhey Popovych (1):
openssl: Skip assembler optimized code for powerpc64 with musl
William Bourque (1):
wic/engine.py: Load paths from PATH environment variable
Xulin Sun (1):
openssl: fix multilib file install conflicts
Zheng Ruoqin (1):
mdadm: add init and service scripts
Change-Id: Ib14c2fb69d25d84aa3d4bf0a6715bba57d1eb900
Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
Diffstat (limited to 'poky/meta/recipes-connectivity/openssl/openssl10')
| -rw-r--r-- | poky/meta/recipes-connectivity/openssl/openssl10/0001-Fix-BN_LLONG-breakage.patch | 33 | ||||
| -rw-r--r-- | poky/meta/recipes-connectivity/openssl/openssl10/0001-fix-CVE-2018-0734.patch | 33 |
2 files changed, 33 insertions, 33 deletions
diff --git a/poky/meta/recipes-connectivity/openssl/openssl10/0001-Fix-BN_LLONG-breakage.patch b/poky/meta/recipes-connectivity/openssl/openssl10/0001-Fix-BN_LLONG-breakage.patch new file mode 100644 index 000000000..13d39c918 --- /dev/null +++ b/poky/meta/recipes-connectivity/openssl/openssl10/0001-Fix-BN_LLONG-breakage.patch @@ -0,0 +1,33 @@ +From 247b3188cde5f3347091cd54271127386d3aece0 Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Wed, 6 Feb 2019 22:10:33 -0800 +Subject: [PATCH] Fix BN_LLONG breakage + +opensslconf.h is un-defining BN_LLONG only when included from bn.h which +is not robust at all, especially when include guards are used and +multiple inclusions of a given header is not allowed. so lets take out +the nesting constraint and add OPENSSL_SYS_UEFI constraint instead + +Upstream-Status: Inappropriate [ fixed differently with OpenSSL 1.1+ ] + +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + crypto/opensslconf.h.in | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/crypto/opensslconf.h.in b/crypto/opensslconf.h.in +index 7a1c85d..a10c10f 100644 +--- a/crypto/opensslconf.h.in ++++ b/crypto/opensslconf.h.in +@@ -56,7 +56,7 @@ + #endif + #endif + +-#if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H) ++#if !defined(OPENSSL_SYS_UEFI) && !defined(CONFIG_HEADER_BN_H) + #define CONFIG_HEADER_BN_H + #undef BN_LLONG + +-- +2.20.1 + diff --git a/poky/meta/recipes-connectivity/openssl/openssl10/0001-fix-CVE-2018-0734.patch b/poky/meta/recipes-connectivity/openssl/openssl10/0001-fix-CVE-2018-0734.patch deleted file mode 100644 index b9865a69b..000000000 --- a/poky/meta/recipes-connectivity/openssl/openssl10/0001-fix-CVE-2018-0734.patch +++ /dev/null @@ -1,33 +0,0 @@ -CVE: CVE-2018-0734 - -Upstream-Status: Backport - -Signed-off-by: Kai Kang <kai.kang@windriver.com> - -From 43e6a58d4991a451daf4891ff05a48735df871ac Mon Sep 17 00:00:00 2001 -From: Pauli <paul.dale@oracle.com> -Date: Mon, 29 Oct 2018 08:24:22 +1000 -Subject: [PATCH] Merge DSA reallocation timing fix CVE-2018-0734. - -Reviewed-by: Richard Levitte <levitte@openssl.org> -(Merged from https://github.com/openssl/openssl/pull/7513) ---- - crypto/dsa/dsa_ossl.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/crypto/dsa/dsa_ossl.c b/crypto/dsa/dsa_ossl.c -index 2dcfedeeee..100e269268 100644 ---- a/crypto/dsa/dsa_ossl.c -+++ b/crypto/dsa/dsa_ossl.c -@@ -279,7 +279,7 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, - goto err; - - /* Preallocate space */ -- q_bits = BN_num_bits(dsa->q); -+ q_bits = BN_num_bits(dsa->q) + sizeof(dsa->q->d[0]) * 16; - if (!BN_set_bit(&k, q_bits) - || !BN_set_bit(&l, q_bits) - || !BN_set_bit(&m, q_bits)) --- -2.17.0 - |