git.ipfire.org Git - thirdparty/openembedded/openembedded-core.git/commit

author	Siddharth Doshi <sdoshi@mvista.com>
	Sun, 19 Feb 2023 18:36:30 +0000 (19:36 +0100)
committer	Steve Sakoman <steve@sakoman.com>
	Sat, 25 Feb 2023 19:25:51 +0000 (09:25 -1000)
commit	f5dce7274bfd65c05df932f36a5e43cfc884fd41
tree	bc820eafc75292de710cf9aa2d2a2e1ffe4e5115	tree
parent	83e9bd1507fd5f79c680dde30b0f66df84cde6b0	commit \| diff

openssl: Upgrade 3.0.7 -> 3.0.8

OpenSSL 3.0.8 fixes 1 HIGH level security vulnerability and 7 MODERATE level security vulnerability [1].

Upgrade the recipe to point to 3.0.8.

CVE-2022-3996 is reported fixed in 3.0.8, so drop the patch for that as
well.

[1] https://www.openssl.org/news/vulnerabilities.html

CVEs Fixed:
https://www.openssl.org/news/secadv/20230207.txt

Signed-off-by: Siddharth Doshi <sdoshi@mvista.com>
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 8461466f63200a0b1c9c247b70fdf5819651544c)
Signed-off-by: Steve Sakoman <steve@sakoman.com>

meta/recipes-connectivity/openssl/openssl/CVE-2022-3996.patch	[deleted file]	blob \| blame \| history
meta/recipes-connectivity/openssl/openssl_3.0.8.bb	[moved from meta/recipes-connectivity/openssl/openssl_3.0.7.bb with 98% similarity]	diff \| blob \| blame \| history