projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 6e404d5) | patch
openssl: security bump to version 1.0.2a
authorGustavo Zacarias <gustavo@zacarias.com.ar>
Thu, 19 Mar 2015 14:34:40 +0000 (11:34 -0300)
committerPeter Korsgaard <peter@korsgaard.com>
Thu, 19 Mar 2015 20:50:58 +0000 (21:50 +0100)
commit85e7efff1afd1f00c2e83e7f71a80375824f42d4
treef6f5ccc75ceaffccf20d394ab13018129c208cf0tree
parent6e404d5294f7fa503fc62ff0eec2a647402434fecommit | diff
openssl: security bump to version 1.0.2a

Fixes:
CVE-2015-0291 - ClientHello sigalgs DoS
CVE-2015-0290 - Multiblock corrupted pointer
CVE-2015-0207 - Segmentation fault in DTLSv1_listen
CVE-2015-0286 - Segmentation fault in ASN1_TYPE_cmp
CVE-2015-0208 - Segmentation fault for invalid PSS parameters
CVE-2015-0287 - ASN.1 structure reuse memory corruption
CVE-2015-0289 - PKCS7 NULL pointer dereferences
CVE-2015-0293 - DoS via reachable assert in SSLv2 servers
CVE-2015-1787 - Empty CKE with client auth and DHE
CVE-2015-0285 - Handshake with unseeded PRNG
CVE-2015-0209 - Use After Free following d2i_ECPrivatekey error
CVE-2015-0288 - X509_to_X509_REQ NULL pointer deref

musl patch removed since it's no longer necessary.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
package/openssl/004-musl-termios.patch [deleted file] blob | history
package/openssl/openssl.hash diff | blob | history
package/openssl/openssl.mk diff | blob | history