buildroot-novena/package/openssl, branch 2012.02_rc2

openssl: security bump to version 1.0.0g

2012-01-22T20:45:09+00:00

Signed-off-by: Gustavo Zacarias Signed-off-by: Peter Korsgaard

openssl: security bump to version 1.0.0f

2012-01-06T10:03:50+00:00

Signed-off-by: Gustavo Zacarias Signed-off-by: Peter Korsgaard

package: remove useless arguments from GENTARGETS

2011-09-29T21:09:58+00:00

Thanks to the pkgparentdir and pkgname functions, we can rewrite the GENTARGETS macro in a way that avoids the need for each package to repeat its name and the directory in which it is present. [Peter: pkgdir->pkgparentdir] Signed-off-by: Thomas Petazzoni Signed-off-by: Peter Korsgaard

openssl: bump to 1.0.0e

2011-09-12T22:17:15+00:00

Changes between 1.0.0d and 1.0.0e [6 Sep 2011] *) Fix bug where CRLs with nextUpdate in the past are sometimes accepted by initialising X509_STORE_CTX properly. (CVE-2011-3207) [Kaspar Brand ] *) Fix SSL memory handling for (EC)DH ciphersuites, in particular for multi-threaded use of ECDH. (CVE-2011-3210) [Adam Langley (Google)] *) Fix x509_name_ex_d2i memory leak on bad inputs. [Bodo Moeller] *) Remove hard coded ecdsaWithSHA1 signature tests in ssl code and check signature public key algorithm by using OID xref utilities instead. Before this you could only use some ECC ciphersuites with SHA1 only. [Steve Henson] *) Add protection against ECDSA timing attacks as mentioned in the paper by Billy Bob Brumley and Nicola Tuveri, see: http://eprint.iacr.org/2011/232.pdf [Billy Bob Brumley and Nicola Tuveri] Signed-off-by: Yegor Yefremov Acked-by: Gustavo Zacarias Signed-off-by: Peter Korsgaard

openssl: fix compilation for i386

2011-04-01T19:56:21+00:00

Closes #3445. OpenSSL emits bswap instructions when building for i386 targets which unfortunately is only available on 486+ class processors. Since the normal workaround is detected at build time and we are cross compiling we need to specify this. Signed-off-by: Gustavo Zacarias Signed-off-by: Peter Korsgaard

openssl: fix libdir issue

2011-02-23T22:31:49+00:00

Closes #3205 OpenSSL's build system tries to be too wise for it's own good when guessing what libdir should be. This causes problems like the one reported in bug #3205 so just specify libdir to point to /lib (since it's prefixed it would finally be /usr/lib) since it should be present on 32 and 64 bit targets. Signed-off-by: Gustavo Zacarias Signed-off-by: Peter Korsgaard

openssl: security bump to 1.0.0d

2011-02-09T21:50:49+00:00

CVE-2011-0014 http://www.openssl.org/news/secadv_20110208.txt OCSP stapling vulnerability in OpenSSL Signed-off-by: Gustavo Zacarias Signed-off-by: Peter Korsgaard

openssl: add ocf support

2011-01-17T21:00:08+00:00

Enable OCF (cryptodev) support for openssl as an option. This requires a patched kernel to export hardware acceleration for openssl to use it. If you lack a patched kernel or support it won't break anything, it will simply fall back to the default software engine from openssl, you'll just have a slightly bigger libssl/libcrypto. Tested with 20100325 release + 20101223 patch from the mailing list. [Peter: slightly tweaked .mk] Signed-off-by: Gustavo Zacarias Signed-off-by: Peter Korsgaard

openssl: security bump to version 1.0.0c

2010-12-11T01:25:21+00:00

Signed-off-by: Gustavo Zacarias Signed-off-by: Peter Korsgaard

openssl: security bump to version 1.0.0b

2010-11-19T14:46:37+00:00

Signed-off-by: Gustavo Zacarias Signed-off-by: Peter Korsgaard