]> git.ipfire.org Git - thirdparty/openembedded/openembedded-core-contrib.git/commit
projects / thirdparty / openembedded / openembedded-core-contrib.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 8325c93) | patch
OpenSSL: CVE-2004-2761 replace MD5 hash algorithm
authorT.O. Radzy Radzykewycz <radzy@windriver.com>
Tue, 15 Nov 2016 22:14:38 +0000 (14:14 -0800)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Wed, 11 Jan 2017 17:21:41 +0000 (17:21 +0000)
commit545a4d2e56b46cfd49769d6384674c755b4dca69
tree0abcb314d00e2477900d5c8ed557f9f116786ecdtree
parent8325c93df99187318cc3160559fdd0718e2c03d8commit | diff
OpenSSL: CVE-2004-2761 replace MD5 hash algorithm

Use SHA256 as default digest for OpenSSL instead of MD5.

CVE: CVE-2004-2761

    The MD5 Message-Digest Algorithm is not collision resistant,
    which makes it easier for context-dependent attackers to
    conduct spoofing attacks, as demonstrated by attacks on the
    use of MD5 in the signature algorithm of an X.509 certificate.

Upstream-Status: Backport
Backport from OpenSSL 2.0 to OpenSSL 1.0.2
Commit f8547f62c212837dbf44fb7e2755e5774a59a57b

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
(From OE-Core rev: f924428cf0c22a0b62769f8f31f11f173f25014f)

(From OE-Core rev: 0066e5c5559009f250b6e5953d5830db2c8769e1)

Signed-off-by: Zhang Xiao <xiao.zhang@windriver.com>
Signed-off-by: T.O. Radzy Radzykewycz <radzy@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meta/recipes-connectivity/openssl/openssl/Use-SHA256-not-MD5-as-default-digest.patch [new file with mode: 0644] blob
Mirror of git://git.openembedded.org/openembedded-core-contrib