question on the openssl recipes and openssl versions... Point me to the
correct distro if this is the incorrect spot to ask this...
We're currently on Danny, 1.3.2. In there, the openssl version is
1.0.0j. The openssl project is currently promoting 1.0.1h. Due to the
multiple CVEs being released, we're wanting to move to the latest. But,
looking at the poky releases, it seems that, after "Danny", Poky
reverted back to 1.0.0e and added patches as CVEs are released. For
example, here's the patches in "Daisy" (1.6.1):
openssl-1.0.1e-cve-2014-0195.patch
openssl-1.0.1e-cve-2014-0198.patch
openssl-1.0.1e-cve-2014-0221.patch
openssl-1.0.1e-cve-2014-0224.patch
openssl-1.0.1e-cve-2014-3470.patch
openssl-CVE-2010-5298.patch
Am I reading that correct? If I move to the recipes there, will that
close current issues on openssl? Or, is there a recipe available to use
1.0.1h?
Thanks for any info.
Mark Evans
--
_______________________________________________
yocto mailing list
yocto@yoctoproject.org
https://lists.yoctoproject.org/listinfo/yocto