Gustavo Zacarias
2de2570477
openssl: security bump to version 1.0.2h
Fixes:
CVE-2016-2105 - Fix EVP_EncodeUpdate overflow
CVE-2016-2106 - Fix EVP_EncryptUpdate overflow
CVE-2016-2107 - Prevent padding oracle in AES-NI CBC MAC check
CVE-2016-2109 - Prevent ASN.1 BIO excessive memory allocation
CVE-2016-2176 - EBCDIC overread
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-05-04 22:44:51 +02:00
Gustavo Zacarias
25b218c144
openssl: security bump to version 1.0.2g
Fixes:
CVE-2016-0800 - Cross-protocol attack on TLS using SSLv2 (DROWN)
CVE-2016-0705 - Double-free in DSA code
CVE-2016-0798 - Memory leak in SRP database lookups
CVE-2016-0797 - BN_hex2bn/BN_dec2bn NULL pointer deref/heap corruption
CVE-2016-0799 - Fix memory issues in BIO_*printf functions
CVE-2016-0702 - Side channel attack on modular exponentiation
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-03-01 15:48:08 +01:00
Bernd Kuhls
7d8b6bdd00
package/openssl: security bump to version 1.0.2f
Fixes
DH small subgroups (CVE-2016-0701)
SSLv2 doesn't block disabled ciphers (CVE-2015-3197)
An update on DHE man-in-the-middle protection (Logjam)
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-01-28 22:26:15 +01:00
Gustavo Zacarias
37e7c34aaf
openssl: re-enable parallel build
The previous incarnation was incomplete, it only applied one of the
Gentoo patches, hence it had corner cases.
Apply all 4 patches as pointed out by Mike on the mailing list.
Signed-off-by: Gustavo Zacarias <gustavo.zacarias@free-electrons.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2015-12-17 22:15:33 +01:00
Gustavo Zacarias
e9fb14ecef
openssl: security bump to version 1.0.2e
Fixes:
CVE-2015-3193 - BN_mod_exp may produce incorrect results on x86_64
CVE-2015-3194 - Certificate verify crash with missing PSS parameter
CVE-2015-3195 - X509_ATTRIBUTE memory leak
Enable IDEA as well since otherwise the build breaks (always great
upstream) - it's no longer patent encumbered.
[Peter: correct sha256]
Signed-off-by: Gustavo Zacarias <gustavo.zacarias@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2015-12-03 22:08:27 +01:00
Yann E. MORIN
a597e3c676
Revert "openssl: enable parallel build and installation"
This reverts commit 55e4ec054c.
There are still build failures in parallel builds:
http://autobuild.buildroot.org/results/9a0/9a0fc1064010a658155e6a18ec72e0e3c58ec7f6/
http://autobuild.buildroot.org/results/c28/c28064f383da1f577bd9227d004f1939daf4579f/
http://autobuild.buildroot.org/results/218/2180b9d900b27103acc92a2932f7ffa560b04831/
and so on...
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Ryan Barnett <rjbarnet@rockwellcollins.com>
Cc: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Cc: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2015-11-23 18:32:25 +01:00
Ryan Barnett
55e4ec054c
openssl: enable parallel build and installation
This is a patch that is originally based on a patch Thomas P.
submitted for an earlier version of this package. I have adopted this
patch to use the latest available Gentoo parallel patch. I have also
seen about a minute improvement on my build times of openssl.
Part of Thomas P's original message:
On my build server, the current build of OpenSSL takes 1 minute and
20 seconds. With this commit applied, enabling parallel build and
installation, the build only takes 28 seconds.
All the patches are downloaded from Gentoo.
There is apparently some interest in upstream OpenSSL to enable
parallel build, see for example commit
c3f22253b1. This
commit is not part of any OpenSSL release, but we can hope that the
problem will be resolved in the future.
Signed-off-by: Ryan Barnett <ryanbarnett3@gmail.com>
CC: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
CC: Gustavo Zacarias <gustavo@zacarias.com.ar>
CC: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2015-09-16 22:20:52 +02:00
Gustavo Zacarias
d4e547438c
openssl: security bump to version 1.0.2d
Fixes CVE-2015-1793 - Alternative chains certificate forgery.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2015-07-09 22:03:05 +02:00
Gustavo Zacarias
e4f2d3b12a
openssl: bump to version 1.0.2c
Fixes HMAC ABI breakage from 1.0.2b
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2015-06-12 22:16:11 +02:00
Gustavo Zacarias
53c8d64c08
openssl: security bump to version 1.0.2b
CVE-2015-1790 - PKCS7 crash with missing EnvelopedContent
CVE-2015-1789 - Exploitable out-of-bounds read in X509_cmp_time
CVE-2015-1788 - Malformed ECParameters causes infinite loop
CVE-2015-1792 - CMS verify infinite loop with unknown hash function
CVE-2015-1791 - Race condition handling NewSessionTicket
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2015-06-12 21:28:21 +02:00
Gustavo Zacarias
85e7efff1a
openssl: security bump to version 1.0.2a
Fixes:
CVE-2015-0291 - ClientHello sigalgs DoS
CVE-2015-0290 - Multiblock corrupted pointer
CVE-2015-0207 - Segmentation fault in DTLSv1_listen
CVE-2015-0286 - Segmentation fault in ASN1_TYPE_cmp
CVE-2015-0208 - Segmentation fault for invalid PSS parameters
CVE-2015-0287 - ASN.1 structure reuse memory corruption
CVE-2015-0289 - PKCS7 NULL pointer dereferences
CVE-2015-0293 - DoS via reachable assert in SSLv2 servers
CVE-2015-1787 - Empty CKE with client auth and DHE
CVE-2015-0285 - Handshake with unseeded PRNG
CVE-2015-0209 - Use After Free following d2i_ECPrivatekey error
CVE-2015-0288 - X509_to_X509_REQ NULL pointer deref
musl patch removed since it's no longer necessary.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2015-03-19 21:50:58 +01:00
Vicente Olivert Riera
74dd54bf73
openssl: bump version to 1.0.2
- Bump version to 1.0.2
- Adapt patches to new version
- Update hash value
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2015-01-27 14:31:35 +01:00
Gustavo Zacarias
e06d091d59
openssl: bump to version 1.0.1l
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2015-01-20 00:43:33 +01:00
Gustavo Zacarias
04f99f9659
openssl: security bump to version 1.0.1k
Fixes:
CVE-2014-3571 - DTLS segmentation fault in dtls1_get_record
CVE-2015-0206 - DTLS memory leak in dtls1_buffer_record
CVE-2014-3569 - no-ssl3 configuration sets method to NULL
CVE-2014-3572 - ECDHE silently downgrades to ECDH [Client]
CVE-2015-0204 - RSA silently downgrades to EXPORT_RSA [Client]
CVE-2015-0205 - DH client certificates accepted without verification
[Server]
CVE-2014-8275 - Certificate fingerprints can be modified
CVE-2014-3570 - Bignum squaring may produce incorrect results
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2015-01-08 21:16:53 +01:00
Gustavo Zacarias
326781940f
openssl: security bump to version 1.0.1j
Fixes:
CVE-2014-3513 - SRTP memory leak
CVE-2014-3567 - Session ticket memory leak
CVE-2014-3568 - Build option no-ssl3 is incomplete
And adds SSL3 fallback protection against POODLE.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2014-10-17 14:17:48 +02:00
Gustavo Zacarias
d242e6d471
openssl: add hash
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Acked-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2014-09-18 21:43:40 +02:00