From 18e9ef2b9b8f9c6353a44315f2efa410457b3ed2 Mon Sep 17 00:00:00 2001 From: Roman I Khimov Date: Wed, 17 Nov 2010 13:57:04 +0300 Subject: [PATCH] openssl: update 1.0.0a to 1.0.0b * fixes CVE-2010-3864 * considered as safe upgrade Signed-off-by: Roman I Khimov Acked-by: Khem Raj Acked-by: Martin Jansa --- .../include/angstrom-2008-preferred-versions.inc | 4 ++-- .../include/angstrom-2010-preferred-versions.inc | 4 ++-- conf/distro/include/preferred-shr-versions.inc | 4 ++-- ...enssl-fix-ssl3_get_key_exchange-double-free.patch | 12 ------------ .../configure-targets.patch | 0 .../{openssl-1.0.0a => openssl-1.0.0b}/debian.patch | 0 .../engines-install-in-libdir-ssl.patch | 0 .../libdeps-first.patch | 0 .../oe-ldflags.patch | 0 .../shared-libs.patch | 0 ...ssl-native_1.0.0a.bb => openssl-native_1.0.0b.bb} | 4 ++-- .../openssl/{openssl_1.0.0a.bb => openssl_1.0.0b.bb} | 7 +++---- 12 files changed, 11 insertions(+), 24 deletions(-) delete mode 100644 recipes/openssl/openssl-1.0.0a/openssl-fix-ssl3_get_key_exchange-double-free.patch rename recipes/openssl/{openssl-1.0.0a => openssl-1.0.0b}/configure-targets.patch (100%) rename recipes/openssl/{openssl-1.0.0a => openssl-1.0.0b}/debian.patch (100%) rename recipes/openssl/{openssl-1.0.0a => openssl-1.0.0b}/engines-install-in-libdir-ssl.patch (100%) rename recipes/openssl/{openssl-1.0.0a => openssl-1.0.0b}/libdeps-first.patch (100%) rename recipes/openssl/{openssl-1.0.0a => openssl-1.0.0b}/oe-ldflags.patch (100%) rename recipes/openssl/{openssl-1.0.0a => openssl-1.0.0b}/shared-libs.patch (100%) rename recipes/openssl/{openssl-native_1.0.0a.bb => openssl-native_1.0.0b.bb} (77%) rename recipes/openssl/{openssl_1.0.0a.bb => openssl_1.0.0b.bb} (71%) diff --git a/conf/distro/include/angstrom-2008-preferred-versions.inc b/conf/distro/include/angstrom-2008-preferred-versions.inc index fc86eefb07..f79e48b721 100644 --- a/conf/distro/include/angstrom-2008-preferred-versions.inc +++ b/conf/distro/include/angstrom-2008-preferred-versions.inc @@ -37,8 +37,8 @@ PREFERRED_VERSION_mythtv = "0.22" PREFERRED_VERSION_mplayer = "0.0+1.0rc3+svnr30165" PREFERRED_VERSION_network-manager-applet = "0.8.1" PREFERRED_VERSION_networkmanager = "0.8.1" -PREFERRED_VERSION_openssl = "1.0.0a" -PREFERRED_VERSION_openssl-native = "1.0.0a" +PREFERRED_VERSION_openssl = "1.0.0b" +PREFERRED_VERSION_openssl-native = "1.0.0b" PREFERRED_VERSION_pango = "1.24.4" PREFERRED_VERSION_pango-native = "1.24.4" #PREFERRED_VERSION_pixman = "0.13.2" diff --git a/conf/distro/include/angstrom-2010-preferred-versions.inc b/conf/distro/include/angstrom-2010-preferred-versions.inc index 36b26b1a67..12ee9008c1 100644 --- a/conf/distro/include/angstrom-2010-preferred-versions.inc +++ b/conf/distro/include/angstrom-2010-preferred-versions.inc @@ -45,8 +45,8 @@ PREFERRED_VERSION_mplayer = "0.0+1.0rc3+svnr30165" PREFERRED_VERSION_network-manager-applet = "0.8.1" PREFERRED_VERSION_networkmanager = "0.8.1" PREFERRED_VERSION_networkmanager-openvpn = "0.8.1" -PREFERRED_VERSION_openssl = "1.0.0a" -PREFERRED_VERSION_openssl-native = "1.0.0a" +PREFERRED_VERSION_openssl = "1.0.0b" +PREFERRED_VERSION_openssl-native = "1.0.0b" PREFERRED_VERSION_pango = "1.28.3" PREFERRED_VERSION_pango-native = "1.28.3" PREFERRED_VERSION_perl = "5.10.1" diff --git a/conf/distro/include/preferred-shr-versions.inc b/conf/distro/include/preferred-shr-versions.inc index 8089d2ef9a..22e1c825c4 100644 --- a/conf/distro/include/preferred-shr-versions.inc +++ b/conf/distro/include/preferred-shr-versions.inc @@ -46,8 +46,8 @@ PREFERRED_VERSION_usbutils = "0.86" PREFERRED_VERSION_wpa-supplicant = "0.6.9" PREFERRED_VERSION_glib-2.0 = "2.24.1" PREFERRED_VERSION_glib-2.0-native = "2.24.1" -PREFERRED_VERSION_openssl = "1.0.0a" -PREFERRED_VERSION_openssl-native = "1.0.0a" +PREFERRED_VERSION_openssl = "1.0.0b" +PREFERRED_VERSION_openssl-native = "1.0.0b" UDEV_GE_141 = "1" PREFERRED_VERSION_postgresql = "8.4.4" diff --git a/recipes/openssl/openssl-1.0.0a/openssl-fix-ssl3_get_key_exchange-double-free.patch b/recipes/openssl/openssl-1.0.0a/openssl-fix-ssl3_get_key_exchange-double-free.patch deleted file mode 100644 index 4e988498a3..0000000000 --- a/recipes/openssl/openssl-1.0.0a/openssl-fix-ssl3_get_key_exchange-double-free.patch +++ /dev/null @@ -1,12 +0,0 @@ -Index: openssl-1.0.0a/ssl/s3_clnt.c -=================================================================== ---- openssl-1.0.0a.orig/ssl/s3_clnt.c 2010-09-13 18:38:01.000000000 +0400 -+++ openssl-1.0.0a/ssl/s3_clnt.c 2010-09-13 18:38:35.000000000 +0400 -@@ -1508,6 +1508,7 @@ - s->session->sess_cert->peer_ecdh_tmp=ecdh; - ecdh=NULL; - BN_CTX_free(bn_ctx); -+ bn_ctx = NULL; - EC_POINT_free(srvr_ecpoint); - srvr_ecpoint = NULL; - } diff --git a/recipes/openssl/openssl-1.0.0a/configure-targets.patch b/recipes/openssl/openssl-1.0.0b/configure-targets.patch similarity index 100% rename from recipes/openssl/openssl-1.0.0a/configure-targets.patch rename to recipes/openssl/openssl-1.0.0b/configure-targets.patch diff --git a/recipes/openssl/openssl-1.0.0a/debian.patch b/recipes/openssl/openssl-1.0.0b/debian.patch similarity index 100% rename from recipes/openssl/openssl-1.0.0a/debian.patch rename to recipes/openssl/openssl-1.0.0b/debian.patch diff --git a/recipes/openssl/openssl-1.0.0a/engines-install-in-libdir-ssl.patch b/recipes/openssl/openssl-1.0.0b/engines-install-in-libdir-ssl.patch similarity index 100% rename from recipes/openssl/openssl-1.0.0a/engines-install-in-libdir-ssl.patch rename to recipes/openssl/openssl-1.0.0b/engines-install-in-libdir-ssl.patch diff --git a/recipes/openssl/openssl-1.0.0a/libdeps-first.patch b/recipes/openssl/openssl-1.0.0b/libdeps-first.patch similarity index 100% rename from recipes/openssl/openssl-1.0.0a/libdeps-first.patch rename to recipes/openssl/openssl-1.0.0b/libdeps-first.patch diff --git a/recipes/openssl/openssl-1.0.0a/oe-ldflags.patch b/recipes/openssl/openssl-1.0.0b/oe-ldflags.patch similarity index 100% rename from recipes/openssl/openssl-1.0.0a/oe-ldflags.patch rename to recipes/openssl/openssl-1.0.0b/oe-ldflags.patch diff --git a/recipes/openssl/openssl-1.0.0a/shared-libs.patch b/recipes/openssl/openssl-1.0.0b/shared-libs.patch similarity index 100% rename from recipes/openssl/openssl-1.0.0a/shared-libs.patch rename to recipes/openssl/openssl-1.0.0b/shared-libs.patch diff --git a/recipes/openssl/openssl-native_1.0.0a.bb b/recipes/openssl/openssl-native_1.0.0b.bb similarity index 77% rename from recipes/openssl/openssl-native_1.0.0a.bb rename to recipes/openssl/openssl-native_1.0.0b.bb index bb471b0ee2..4ad4936b20 100644 --- a/recipes/openssl/openssl-native_1.0.0a.bb +++ b/recipes/openssl/openssl-native_1.0.0b.bb @@ -2,8 +2,8 @@ require openssl.inc inherit pkgconfig native -SRC_URI[src.md5sum] = "e3873edfffc783624cfbdb65e2249cbd" -SRC_URI[src.sha256sum] = "18a9bd1fc02b8ef90dded34fafaa9089baaafef278a19fc4e89c2ab0dcf70f63" +SRC_URI[src.md5sum] = "104deb3b7e6820cae6de3f49ba0ff2b0" +SRC_URI[src.sha256sum] = "4e7b4e2fb33ee2d97c5e143561ab495dbbfc08f0a863e617a0c7adca19017331" PR = "${INC_PR}.0" DEFAULT_PREFERENCE = "-1" diff --git a/recipes/openssl/openssl_1.0.0a.bb b/recipes/openssl/openssl_1.0.0b.bb similarity index 71% rename from recipes/openssl/openssl_1.0.0a.bb rename to recipes/openssl/openssl_1.0.0b.bb index cc3a8ab31c..13236a4b24 100644 --- a/recipes/openssl/openssl_1.0.0a.bb +++ b/recipes/openssl/openssl_1.0.0b.bb @@ -1,10 +1,10 @@ inherit pkgconfig require openssl.inc -SRC_URI[src.md5sum] = "e3873edfffc783624cfbdb65e2249cbd" -SRC_URI[src.sha256sum] = "18a9bd1fc02b8ef90dded34fafaa9089baaafef278a19fc4e89c2ab0dcf70f63" +SRC_URI[src.md5sum] = "104deb3b7e6820cae6de3f49ba0ff2b0" +SRC_URI[src.sha256sum] = "4e7b4e2fb33ee2d97c5e143561ab495dbbfc08f0a863e617a0c7adca19017331" -PR = "${INC_PR}.1" +PR = "${INC_PR}.0" DEFAULT_PREFERENCE = "-1" @@ -17,7 +17,6 @@ SRC_URI += "file://configure-targets.patch \ file://oe-ldflags.patch \ file://libdeps-first.patch \ file://engines-install-in-libdir-ssl.patch \ - file://openssl-fix-ssl3_get_key_exchange-double-free.patch \ " PARALLEL_MAKE = "" -- 2.39.5