buildroot/package/openssl, branch 2016.08

openssl: fix m68k uclinux compile

2016-08-01T21:03:24+00:00

The GCC manual suggest when getting: relocation truncated to fit: R_68K_GOT16O foobar to use -mxgot. Fixes: http://autobuild.buildroot.net/results/455fd0f274bfa4bbd786bcd6740ecf960e47c1bd/ Signed-off-by: Waldemar Brodkorb Signed-off-by: Thomas Petazzoni

openssl: disable assembly for ARMv7M

2016-06-22T14:59:23+00:00

It requires interwork and v7M is thumb-only. Fixes: http://autobuild.buildroot.net/results/55d/55dc9d6826defd2c9048c2991019d4d573d34af4/ [Peter: use R2_ARM_CPU_HAS_ARM for logic] Signed-off-by: Gustavo Zacarias Signed-off-by: Peter Korsgaard

openssl: security bump to version 1.0.2h

2016-05-04T20:44:51+00:00

Fixes: CVE-2016-2105 - Fix EVP_EncodeUpdate overflow CVE-2016-2106 - Fix EVP_EncryptUpdate overflow CVE-2016-2107 - Prevent padding oracle in AES-NI CBC MAC check CVE-2016-2109 - Prevent ASN.1 BIO excessive memory allocation CVE-2016-2176 - EBCDIC overread Signed-off-by: Gustavo Zacarias Signed-off-by: Peter Korsgaard

openssl: enable aarch64 optimization

2016-04-20T06:59:32+00:00

Signed-off-by: Matthew Shyu Signed-off-by: Peter Korsgaard

arch/x86: remove support for i386

2016-04-18T21:38:34+00:00

The Linux kernel doesn't even support i386 anymore, there is no NPTL support for i386 and uClibc-ng only supports NPTL on x86, so there is essentially no usable thread implementation. Most likely glibc and musl also don't support i386 either. So it's time to remove the support for this architecture variant. Signed-off-by: Thomas Petazzoni Reviewed-by: Arnout Vandecappelle (Essensium/Mind) Signed-off-by: Thomas Petazzoni

openssl: security bump to version 1.0.2g

2016-03-01T14:48:08+00:00

Fixes: CVE-2016-0800 - Cross-protocol attack on TLS using SSLv2 (DROWN) CVE-2016-0705 - Double-free in DSA code CVE-2016-0798 - Memory leak in SRP database lookups CVE-2016-0797 - BN_hex2bn/BN_dec2bn NULL pointer deref/heap corruption CVE-2016-0799 - Fix memory issues in BIO_*printf functions CVE-2016-0702 - Side channel attack on modular exponentiation Signed-off-by: Gustavo Zacarias Signed-off-by: Peter Korsgaard

package/openssl: security bump to version 1.0.2f

2016-01-28T21:26:15+00:00

Fixes DH small subgroups (CVE-2016-0701) SSLv2 doesn't block disabled ciphers (CVE-2015-3197) An update on DHE man-in-the-middle protection (Logjam) Signed-off-by: Bernd Kuhls Signed-off-by: Peter Korsgaard

openssl: re-enable parallel build

2015-12-17T21:15:33+00:00

The previous incarnation was incomplete, it only applied one of the Gentoo patches, hence it had corner cases. Apply all 4 patches as pointed out by Mike on the mailing list. Signed-off-by: Gustavo Zacarias Signed-off-by: Thomas Petazzoni

openssl: security bump to version 1.0.2e

2015-12-03T21:08:27+00:00

Fixes: CVE-2015-3193 - BN_mod_exp may produce incorrect results on x86_64 CVE-2015-3194 - Certificate verify crash with missing PSS parameter CVE-2015-3195 - X509_ATTRIBUTE memory leak Enable IDEA as well since otherwise the build breaks (always great upstream) - it's no longer patent encumbered. [Peter: correct sha256] Signed-off-by: Gustavo Zacarias Signed-off-by: Peter Korsgaard

Revert "openssl: enable parallel build and installation"

2015-11-23T17:32:25+00:00

This reverts commit 55e4ec054c21b9164e10c323a5f0afff1deb1d67. There are still build failures in parallel builds: http://autobuild.buildroot.org/results/9a0/9a0fc1064010a658155e6a18ec72e0e3c58ec7f6/ http://autobuild.buildroot.org/results/c28/c28064f383da1f577bd9227d004f1939daf4579f/ http://autobuild.buildroot.org/results/218/2180b9d900b27103acc92a2932f7ffa560b04831/ and so on... Signed-off-by: "Yann E. MORIN" Cc: Ryan Barnett Cc: Thomas Petazzoni Cc: Gustavo Zacarias Signed-off-by: Thomas Petazzoni