<feed xmlns='http://www.w3.org/2005/Atom'>
<title>buildroot/package/libopenssl, branch 2017.11.2</title>
<subtitle>OpenPOWER buildroot sources</subtitle>
<id>https://git.raptorcs.com/git/buildroot/atom?h=2017.11.2</id>
<link rel='self' href='https://git.raptorcs.com/git/buildroot/atom?h=2017.11.2'/>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/'/>
<updated>2017-12-27T11:47:08+00:00</updated>
<entry>
<title>package/libopenssl: security bump to version 1.0.2n</title>
<updated>2017-12-27T11:47:08+00:00</updated>
<author>
<name>Bernd Kuhls</name>
<email>bernd.kuhls@t-online.de</email>
</author>
<published>2017-12-09T19:57:05+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=b952174bae513246301560254d57a0e854567f68'/>
<id>urn:sha1:b952174bae513246301560254d57a0e854567f68</id>
<content type='text'>
Fixes CVE-2017-3737 &amp; CVE-2017-3738:
https://www.openssl.org/news/secadv/20171207.txt

Added license hash.

Signed-off-by: Bernd Kuhls &lt;bernd.kuhls@t-online.de&gt;
Signed-off-by: Peter Korsgaard &lt;peter@korsgaard.com&gt;
(cherry picked from commit 09a756a5a740d38d835538401944b94025ef1b06)
Signed-off-by: Peter Korsgaard &lt;peter@korsgaard.com&gt;
</content>
</entry>
<entry>
<title>package/libopenssl: security bump to version 1.0.2m</title>
<updated>2017-11-03T20:55:52+00:00</updated>
<author>
<name>Bernd Kuhls</name>
<email>bernd.kuhls@t-online.de</email>
</author>
<published>2017-11-03T18:33:59+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=63023c407fe601d7c349fbff1ef1fbb246b1e288'/>
<id>urn:sha1:63023c407fe601d7c349fbff1ef1fbb246b1e288</id>
<content type='text'>
Fixes the following CVEs:
bn_sqrx8x_internal carry bug on x86_64 (CVE-2017-3736)
Malformed X.509 IPAddressFamily could cause OOB read (CVE-2017-3735)

Release notes: https://www.openssl.org/news/secadv/20171102.txt

Signed-off-by: Bernd Kuhls &lt;bernd.kuhls@t-online.de&gt;
Signed-off-by: Thomas Petazzoni &lt;thomas.petazzoni@free-electrons.com&gt;
</content>
</entry>
<entry>
<title>openssl: new virtual package</title>
<updated>2017-10-21T19:28:13+00:00</updated>
<author>
<name>Adam Duskett</name>
<email>aduskett@gmail.com</email>
</author>
<published>2017-10-18T02:32:28+00:00</published>
<link rel='alternate' type='text/html' href='https://git.raptorcs.com/git/buildroot/commit/?id=f974a493f03bf9ab9df9111782e838a70d616a57'/>
<id>urn:sha1:f974a493f03bf9ab9df9111782e838a70d616a57</id>
<content type='text'>
To ease the transition to having both OpenSSL and LibreSSL, there has to be
a new virtual package introduced to handle both.

Instead of making a libssl, and adding OpenSSL and libressl to that package,
it will be far easier to move openssl to libopenssl and to make OpenSSL
a virtual package.  This offers a few advantages:

- BR2_PACKAGE_OPENSSL is still a visible symbol with no dependencies.
- It does not require a huge patch to convert every instance of
  OpenSSL -&gt; libssl)
- Users will be able to update without ever having to select anything new.
- LibreSSL can be added at a later date to the virtual package.

Signed-off-by: Adam Duskett &lt;Adamduskett@outlook.com&gt;
[Thomas: define BR2_PACKAGE_PROVIDES_HOST_OPENSSL to the value
"host-libopenssl" as we always want to use the original OpenSSL for
the host variant.]
Signed-off-by: Thomas Petazzoni &lt;thomas.petazzoni@free-electrons.com&gt;
</content>
</entry>
</feed>
