Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
:Release Notes: Update to v1.0.1h, which contains six security fixes. Remove an unneeded patch. :Detailed Notes: These security issues are fixed by v1.0.1h: CVE-2014-0224 (SSL/TLS MITM vulnerability) CVE-2014-0221 (DTLS recursion flaw) CVE-2014-0195 (TLS invalid fragment vulnerability) CVE-2014-0198 (SSL_MODE_RELEASE_BUFFERS NULL pointer dereference) CVE-2010-5298 (SSL_MODE_RELEASE_BUFFERS session injection or denial of service) CVE-2014-3470 (Anonymous ECDH denial of service) See https://www.openssl.org/news/secadv_20140605.txt :Testing Performed: MiniBAT, BAT, P2 tests :QA Notes: :Issues Addressed: [BHV-10203] openssl - CVE-2010-5298, CVE-2014-3470, CVE-2014-0195, CVE-2014-0198, CVE-2014-0221, CVE-2014-0224 [BHV-10136] CCC: openssl=v1.0.1h Open-webOS-DCO-1.0-Signed-off-by: Andrii Motsok <andrii.motsok@lge.com> Change-Id: I35c84d1cb21c882946b02a8924a21aaf09b5c53c Reviewed-on: https://g2g.palm.com/5943 Reviewed-by: DCO Verification Reviewed-by: Andrii Motsok <andrii.motsok@lge.com> Tested-by: Andrii Motsok <andrii.motsok@lge.com> Build: Andrii Motsok <andrii.motsok@lge.com> Reviewed-by: Build Verification Reviewed-by: Herb Kuta <herb.kuta@lge.com> Reviewed-by: Susan Montooth <susan.montooth@lge.com>
- Loading branch information