diff mbox series

[dunfell] openssl: upgrade 1.1.1s to 1.1.1t

Message ID PR3P192MB07142C2980B0341534DEAE4BDAA59@PR3P192MB0714.EURP192.PROD.OUTLOOK.COM
State New, archived
Headers show
Series [dunfell] openssl: upgrade 1.1.1s to 1.1.1t | expand

Commit Message

Hugo Simeliere Feb. 21, 2023, 4:23 p.m. UTC 
Major changes between OpenSSL 1.1.1s and OpenSSL 1.1.1t [7 Feb 2023]
* Fixed X.400 address type confusion in X.509 GeneralName (CVE-2023-0286)
* Fixed Use-after-free following BIO_new_NDEF (CVE-2023-0215)
* Fixed Double free after calling PEM_read_bio_ex (CVE-2022-4450)
* Fixed Timing Oracle in RSA Decryption (CVE-2022-4304)

Signed-off-by: Hugo SIMELIERE <hsimeliere.opensource@witekio.com>
---
.../openssl/{openssl_1.1.1s.bb => openssl_1.1.1t.bb}            | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
rename meta/recipes-connectivity/openssl/{openssl_1.1.1s.bb => openssl_1.1.1t.bb} (98%)

Comments

Steve Sakoman Feb. 24, 2023, 7:44 p.m. UTC | #1 
Also a corruption issue with this patch:

Applying: openssl: upgrade 1.1.1s to 1.1.1t
error: corrupt patch at line 19
error: could not build fake ancestor
Patch failed at 0001 openssl: upgrade 1.1.1s to 1.1.1t

Steve

On Tue, Feb 21, 2023 at 6:24 AM Hugo Simeliere via
lists.openembedded.org
<hsimeliere.opensource=witekio.com@lists.openembedded.org> wrote:
>
> Major changes between OpenSSL 1.1.1s and OpenSSL 1.1.1t [7 Feb 2023]
>
> * Fixed X.400 address type confusion in X.509 GeneralName (CVE-2023-0286)
>
> * Fixed Use-after-free following BIO_new_NDEF (CVE-2023-0215)
>
> * Fixed Double free after calling PEM_read_bio_ex (CVE-2022-4450)
>
> * Fixed Timing Oracle in RSA Decryption (CVE-2022-4304)
>
>
>
> Signed-off-by: Hugo SIMELIERE <hsimeliere.opensource@witekio.com>
>
> ---
>
> .../openssl/{openssl_1.1.1s.bb => openssl_1.1.1t.bb}            | 2 +-
>
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> rename meta/recipes-connectivity/openssl/{openssl_1.1.1s.bb => openssl_1.1.1t.bb} (98%)
>
>
>
> diff --git a/meta/recipes-connectivity/openssl/openssl_1.1.1s.bb b/meta/recipes-connectivity/openssl/openssl_1.1.1t.bb
>
> similarity index 98%
>
> rename from meta/recipes-connectivity/openssl/openssl_1.1.1s.bb
>
> rename to meta/recipes-connectivity/openssl/openssl_1.1.1t.bb
>
> index 6c8f285996..a1956ad8c2 100644
>
> --- a/meta/recipes-connectivity/openssl/openssl_1.1.1s.bb
>
> +++ b/meta/recipes-connectivity/openssl/openssl_1.1.1t.bb
>
> @@ -24,7 +24,7 @@ SRC_URI_append_class-nativesdk = " \
>
>             file://environment.d-openssl.sh \
>
>             "
>
> -SRC_URI[sha256sum] = "c5ac01e760ee6ff0dab61d6b2bbd30146724d063eb322180c6f18a6f74e4b6aa"
>
> +SRC_URI[sha256sum] = "8dee9b24bdb1dcbf0c3d1e9b02fb8f6bf22165e807f45adeb7c9677536859d3b"
>
>  inherit lib_package multilib_header multilib_script ptest
>
> MULTILIB_SCRIPTS = "${PN}-bin:${bindir}/c_rehash"
>
> --
>
> 2.25.1
>
>
>
>
> -=-=-=-=-=-=-=-=-=-=-=-
> Links: You receive all messages sent to this group.
> View/Reply Online (#177525): https://lists.openembedded.org/g/openembedded-core/message/177525
> Mute This Topic: https://lists.openembedded.org/mt/97112482/3620601
> Group Owner: openembedded-core+owner@lists.openembedded.org
> Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [steve@sakoman.com]
> -=-=-=-=-=-=-=-=-=-=-=-
>
diff mbox series

Patch

diff --git a/meta/recipes-connectivity/openssl/openssl_1.1.1s.bb b/meta/recipes-connectivity/openssl/openssl_1.1.1t.bb
similarity index 98%
rename from meta/recipes-connectivity/openssl/openssl_1.1.1s.bb
rename to meta/recipes-connectivity/openssl/openssl_1.1.1t.bb
index 6c8f285996..a1956ad8c2 100644
--- a/meta/recipes-connectivity/openssl/openssl_1.1.1s.bb
+++ b/meta/recipes-connectivity/openssl/openssl_1.1.1t.bb
@@ -24,7 +24,7 @@  SRC_URI_append_class-nativesdk = " \
            file://environment.d-openssl.sh \
            "
-SRC_URI[sha256sum] = "c5ac01e760ee6ff0dab61d6b2bbd30146724d063eb322180c6f18a6f74e4b6aa"
+SRC_URI[sha256sum] = "8dee9b24bdb1dcbf0c3d1e9b02fb8f6bf22165e807f45adeb7c9677536859d3b"
 inherit lib_package multilib_header multilib_script ptest
MULTILIB_SCRIPTS = "${PN}-bin:${bindir}/c_rehash"
--
2.25.1