Re: [dunfell][PATCH v2] openssl: upgrade to 1.1.1m for CVE-2021-4160

Steve Sakoman

On Sun, Feb 20, 2022 at 9:04 PM <Mikko.Rapeli@...> wrote:

FWIW, there is also the pure patch to fix CVE-2021-4160 in openssl 1.1.1l for dunfell:

Patch versus letter version update, which one is preferred?
Yes, I'm aware of the CVE only patch. In this case I'd prefer the
letter version update since it also contains bug fixes. But if we
can't fix the ptest regression in the next couple of days I'll fall
back to the CVE only patch.



Join to automatically receive all group messages.