package/openssl: security bump to version 1.0.2i - buildroot

diff options

author	Bernd Kuhls <bernd.kuhls@t-online.de>	2016-09-22 19:16:54 +0200
committer	Peter Korsgaard <peter@korsgaard.com>	2016-09-22 21:09:33 +0200
commit	ba16a7a93edb46db409e51992c265ca7e14c13ff (patch)
tree	95f2c1caf7f034bf312c376f55dca352956a3dc7 /package/rpi-userland/0004-host-applications-disable-missing-applications.patch
parent	e79272fa7ff3d66c18de3514b912cd9d68d121a4 (diff)
download	buildroot-ba16a7a93edb46db409e51992c265ca7e14c13ff.tar.gz buildroot-ba16a7a93edb46db409e51992c265ca7e14c13ff.zip

package/openssl: security bump to version 1.0.2i

https://www.openssl.org/news/secadv/20160922.txt Fixes SSL_peek() hang on empty record (CVE-2016-6305) SWEET32 Mitigation (CVE-2016-2183) OOB write in MDC2_Update() (CVE-2016-6303) Malformed SHA512 ticket DoS (CVE-2016-6302) OOB write in BN_bn2dec() (CVE-2016-2182) OOB read in TS_OBJ_print_bio() (CVE-2016-2180) Pointer arithmetic undefined behaviour (CVE-2016-2177) Constant time flag not preserved in DSA signing (CVE-2016-2178) DTLS buffered message DoS (CVE-2016-2179) DTLS replay protection DoS (CVE-2016-2181) Certificate message OOB reads (CVE-2016-6306) Excessive allocation of memory in tls_get_message_header() (CVE-2016-6307) Excessive allocation of memory in dtls1_preprocess_fragment() (CVE-2016-6308) Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

Diffstat (limited to 'package/rpi-userland/0004-host-applications-disable-missing-applications.patch')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: