Re: [dunfell][PATCH v2] openssl: upgrade to 1.1.1m for CVE-2021-4160

Home Messages Hashtags Subgroups

#161955

Re: [dunfell][PATCH v2] openssl: upgrade to 1.1.1m for CVE-2021-4160

Tim Orling #161955 On Fri, Feb 18, 2022 at 3:36 PM Steve Sakoman <steve@...> wrote: On Tue, Feb 15, 2022 at 5:59 PM Tim Orling <ticotimo@...> wrote: > > Changes are only security and bug fixes. I'm seeing ptest errors: WARNING: core-image-sato-sdk-ptest-1.0-r0 do_testimage: There were failing ptests. Traceback (most recent call last): File "/home/pokybuild/yocto-worker/qemux86-64-ptest/build/meta/lib/oeqa/core/decorator/__init__.py", line 36, in wrapped_f return func(args, kwargs) File "/home/pokybuild/yocto-worker/qemux86-64-ptest/build/meta/lib/oeqa/core/decorator/__init__.py", line 36, in wrapped_f return func(args, *kwargs) File "/home/pokybuild/yocto-worker/qemux86-64-ptest/build/meta/lib/oeqa/core/decorator/__init__.py", line 36, in wrapped_f return func(args, **kwargs) File "/home/pokybuild/yocto-worker/qemux86-64-ptest/build/meta/lib/oeqa/runtime/cases/ptest.py", line 25, in test_ptestrunner_expectfail self.do_ptestrunner() File "/home/pokybuild/yocto-worker/qemux86-64-ptest/build/meta/lib/oeqa/runtime/cases/ptest.py", line 108, in do_ptestrunner self.fail(failmsg) AssertionError: Failed ptests: {'openssl': ['test/recipes/30-test_evp_extra.t,_test_returned_1']} I saw this on qemux86-64, but was not sure it was due to the upgrade or a one off infra issue. I’ll dig deeper and see what might be happening. Happens with both qemuarm64-ptest and qemux86-64-ptest: https://autobuilder.yoctoproject.org/typhoon/#/builders/82/builds/2863 https://autobuilder.yoctoproject.org/typhoon/#/builders/81/builds/3124 Steve > https://www.openssl.org/news/cl111.txt > https://git.openssl.org/?p=openssl.git;a=log;h=refs/tags/OpenSSL_1_1_1m > > CVE: CVE-2021-4160 > > https://nvd.nist.gov/vuln/detail/CVE-2021-4160 > > Signed-off-by: Tim Orling <tim.orling@...> > --- > Changes in v2: > - drop SRC_URI[md5sum] that devtool snuck in. > > .../openssl/{openssl_1.1.1l.bb => openssl_1.1.1m.bb} \| 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > rename meta/recipes-connectivity/openssl/{openssl_1.1.1l.bb => openssl_1.1.1m.bb} (98%) > > diff --git a/meta/recipes-connectivity/openssl/openssl_1.1.1l.bb b/meta/recipes-connectivity/openssl/openssl_1.1.1m.bb > similarity index 98% > rename from meta/recipes-connectivity/openssl/openssl_1.1.1l.bb > rename to meta/recipes-connectivity/openssl/openssl_1.1.1m.bb > index bf7cd6527ef..c6f8499d4f5 100644 > --- a/meta/recipes-connectivity/openssl/openssl_1.1.1l.bb > +++ b/meta/recipes-connectivity/openssl/openssl_1.1.1m.bb > @@ -24,7 +24,7 @@ SRC_URI_append_class-nativesdk = " \ > file://environment.d-openssl.sh \ > " > > -SRC_URI[sha256sum] = "0b7a3e5e59c34827fe0c3a74b7ec8baef302b98fa80088d7f9153aa16fa76bd1" > +SRC_URI[sha256sum] = "f89199be8b23ca45fc7cb9f1d8d3ee67312318286ad030f5316aca6462db6c96" > > inherit lib_package multilib_header multilib_script ptest > MULTILIB_SCRIPTS = "${PN}-bin:${bindir}/c_rehash" > -- > 2.30.2 >
More All Messages By This Member

View All 6 Messages In Topic

#161955

Join openembedded-core@lists.openembedded.org to automatically receive all group messages.

Home Hashtags Subgroups Terms