On Thu, Feb 19, 2015 at 03:45:10PM +0000, [email protected] wrote: > From: Brendan Le Foll <[email protected]> > > Because of the SSLv3 POODLE vulnerability, it's preferred to simply disable > SSLv3 even if patched with the TLS_FALLBACK_SCSV
Please rebase on corrent master, because v1 was already merged (so you should remove EXTRA_OECONF now). > > Signed-off-by: Brendan Le Foll <[email protected]> > --- > meta/recipes-connectivity/openssl/openssl.inc | 3 +++ > 1 file changed, 3 insertions(+) > > diff --git a/meta/recipes-connectivity/openssl/openssl.inc > b/meta/recipes-connectivity/openssl/openssl.inc > index 6eb1b5e..f42b1ea 100644 > --- a/meta/recipes-connectivity/openssl/openssl.inc > +++ b/meta/recipes-connectivity/openssl/openssl.inc > @@ -16,6 +16,9 @@ SRC_URI = > "http://www.openssl.org/source/openssl-${PV}.tar.gz \ > S = "${WORKDIR}/openssl-${PV}" > > PACKAGECONFIG[perl] = ",,," > +# Remove this to enable SSLv3. SSLv3 is defaulted to disabled due to the > POODLE > +# vulnerability > +PACKAGECONFIG[ssl3] = "--enable-ssl3, --no-ssl3,," > > AR_append = " r" > # Avoid binaries being marked as requiring an executable stack since it > -- > 2.2.1 > > -- > _______________________________________________ > Openembedded-core mailing list > [email protected] > http://lists.openembedded.org/mailman/listinfo/openembedded-core -- Martin 'JaMa' Jansa jabber: [email protected]
signature.asc
Description: Digital signature
-- _______________________________________________ Openembedded-core mailing list [email protected] http://lists.openembedded.org/mailman/listinfo/openembedded-core
