buildroot.git/package/openssl, branch 2012.05_rc3 Buildroot: Making Embedded Linux easy https://git.hiegel.fr/cgit/buildroot.git/atom?h=2012.05_rc3 2012-05-14T12:36:17Z openssl: security bump to version 1.0.0j 2012-05-14T12:36:17Z Gustavo Zacarias gustavo@zacarias.com.ar 2012-05-11T05:45:48Z urn:sha1:b108e9b5dd8cfbf8d7f02e602993bdc174febc00 Bump to version 1.0.0j to fix CVE-2012-2333 Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk> openssl: switch to the ocf-linux package 2012-05-05T14:21:49Z Gustavo Zacarias gustavo@zacarias.com.ar 2012-05-05T03:30:24Z urn:sha1:30a246be8bf1617e3be54f063ad79ee8d2aacb07 Remove builtin OCF support from the openssl package into a new package. Even though ocf support is just a header file we'd rather have it in a separate package because of unrelated version bumps and to fetch it from source. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk> openssl: security bump to version 1.0.0i 2012-04-19T18:44:50Z Gustavo Zacarias gustavo@zacarias.com.ar 2012-04-19T15:32:17Z urn:sha1:776f0b441d775490dad90350ff0005504968e130 Fix for CVE-2012-2110 Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk> openssl: security bump to version 1.0.0h 2012-03-15T22:33:52Z Gustavo Zacarias gustavo@zacarias.com.ar 2012-03-12T21:02:20Z urn:sha1:94b3f6064aa3fcaaece826710e8ac0c0e48fc367 Bump to version 1.0.0h to fix CMS and S/MIME Bleichenbacher attack (CVE-2012-0884) Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk> openssl: security bump to version 1.0.0g 2012-01-22T20:45:09Z Gustavo Zacarias gustavo@zacarias.com.ar 2012-01-20T19:14:23Z urn:sha1:6d8abaf9f13d9ec9358ca6be2fc9986d2d13d251 Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk> openssl: security bump to version 1.0.0f 2012-01-06T10:03:50Z Gustavo Zacarias gustavo@zacarias.com.ar 2012-01-05T18:26:17Z urn:sha1:19f280c3116bf924e935f0e3ea8e9552f39dff94 Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk> package: remove useless arguments from GENTARGETS 2011-09-29T21:09:58Z Thomas Petazzoni thomas.petazzoni@free-electrons.com 2011-09-29T19:57:42Z urn:sha1:0849e8193ef429f29945b8c2a54eafc8635e0969 Thanks to the pkgparentdir and pkgname functions, we can rewrite the GENTARGETS macro in a way that avoids the need for each package to repeat its name and the directory in which it is present. [Peter: pkgdir->pkgparentdir] Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk> openssl: bump to 1.0.0e 2011-09-12T22:17:15Z Yegor Yefremov yegor_sub1@visionsystems.de 2011-09-07T12:25:02Z urn:sha1:a50f6ef29e72b4725b0e53dbf28922c798eacf06 Changes between 1.0.0d and 1.0.0e [6 Sep 2011] *) Fix bug where CRLs with nextUpdate in the past are sometimes accepted by initialising X509_STORE_CTX properly. (CVE-2011-3207) [Kaspar Brand <ossl@velox.ch>] *) Fix SSL memory handling for (EC)DH ciphersuites, in particular for multi-threaded use of ECDH. (CVE-2011-3210) [Adam Langley (Google)] *) Fix x509_name_ex_d2i memory leak on bad inputs. [Bodo Moeller] *) Remove hard coded ecdsaWithSHA1 signature tests in ssl code and check signature public key algorithm by using OID xref utilities instead. Before this you could only use some ECC ciphersuites with SHA1 only. [Steve Henson] *) Add protection against ECDSA timing attacks as mentioned in the paper by Billy Bob Brumley and Nicola Tuveri, see: http://eprint.iacr.org/2011/232.pdf [Billy Bob Brumley and Nicola Tuveri] Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com> Acked-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk> openssl: fix compilation for i386 2011-04-01T19:56:21Z Gustavo Zacarias gustavo@zacarias.com.ar 2011-03-14T17:33:48Z urn:sha1:47736c88c3dcc7ec4906bbb80acb194d2211b0c9 Closes #3445. OpenSSL emits bswap instructions when building for i386 targets which unfortunately is only available on 486+ class processors. Since the normal workaround is detected at build time and we are cross compiling we need to specify this. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk> openssl: fix libdir issue 2011-02-23T22:31:49Z Gustavo Zacarias gustavo@zacarias.com.ar 2011-02-03T12:55:48Z urn:sha1:d17c1652808829bfc354683854c7170b90f7f127 Closes #3205 OpenSSL's build system tries to be too wise for it's own good when guessing what libdir should be. This causes problems like the one reported in bug #3205 so just specify libdir to point to /lib (since it's prefixed it would finally be /usr/lib) since it should be present on 32 and 64 bit targets. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>