[yocto] OpenSSL 1.0.0m

Khem Raj raj.khem at gmail.com
Thu Jul 24 17:51:05 PDT 2014


On Thu, Jul 24, 2014 at 5:44 PM, Mark Evans <mark.a.evans at gmail.com> wrote:
> question on the openssl recipes and openssl versions... Point me to the
> correct distro if this is the incorrect spot to ask this...
>
> We're currently on Danny, 1.3.2. In there, the openssl version is 1.0.0j.
> The openssl project is currently promoting 1.0.1h. Due to the multiple CVEs
> being released, we're wanting to move to the latest. But, looking at the
> poky releases, it seems that, after "Danny", Poky reverted back to 1.0.0e
> and added patches as CVEs are released. For example, here's the patches in
> "Daisy" (1.6.1):
>
> openssl-1.0.1e-cve-2014-0195.patch
> openssl-1.0.1e-cve-2014-0198.patch
> openssl-1.0.1e-cve-2014-0221.patch
> openssl-1.0.1e-cve-2014-0224.patch
> openssl-1.0.1e-cve-2014-3470.patch
> openssl-CVE-2010-5298.patch
>
> Am I reading that correctly? If I move to the recipes there, will that close
> current issues on openssl? Or, is there a recipe available to use 1.0.1h?
>

oe-core/master has 1.0.1h; you can backport that into your own
layer and tool your project to use it.


> Thanks for any info.
> Mark Evans


