Hi guys
meta-fsl-ppc/recipes-connectivity/openssl in krogoth is using a vulnerable version of OpenSSL (openssl_1.0.1i).
OpenSSL recommends 1.0.1 users to upgrade to 1.0.1u version:
Can we upgrade openssl version or do you prefer to keep this version? In this case I can try to backport individual patches if possible.
Regards
//Sona
---------------------------------------
Sona Sarmadi
Security Responsible for Enea Linux/
GPG Fingerprint: 444F A5E9 CDC6 4620 85C7 2CA9 60FF AF33 15BD 5928
Enea Software AB
Jan Stenbecks Torg 17
P.O Box 1033
SE-164 26 Kista, Sweden
Phone +46 70 971 4475
This message, including attachments, is CONFIDENTIAL. It may also be privileged or otherwise protected by law. If you received this email by mistake
please let us know by reply and then delete it from your system; you should not copy it or disclose its contents to anyone. All messages sent to and from
Enea may be monitored to ensure compliance with internal policies and to protect our business. Emails are not secure and cannot be guaranteed to be
error free as they can be intercepted, a mended, lost or destroyed, or contain viruses. The sender therefore does not accept liability for any errors or
omissions in the contents of this message, which arise as a result of email transmission. Anyone who communicates with us by email accepts these risks.