From mboxrd@z Thu Jan  1 00:00:00 1970
From: Michael Tremer <michael.tremer@ipfire.org>
To: development@lists.ipfire.org
Subject: Re: [PATCH] openssl: Update to version 1.1.1r
Date: Fri, 14 Oct 2022 11:18:51 +0100
Message-ID: <30ACC885-C5E7-458C-B677-71F42525CE7F@ipfire.org>
In-Reply-To: <20221012153954.3582108-1-adolf.belka@ipfire.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============2040654338376344344=="
List-Id: <development.lists.ipfire.org>

--===============2040654338376344344==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

Hello Adolf,

Thanks for this, but it looks like they took down the release, because it is =
introducing some new problems:

  https://mta.openssl.org/pipermail/openssl-announce/2022-October/000237.html

So, let=E2=80=99s keep the patch here and wait what happens next.

Sorry for this.

-Michael

> On 12 Oct 2022, at 16:39, Adolf Belka <adolf.belka(a)ipfire.org> wrote:
>=20
> - Update version from 1.1.1q to 1.1.1r
> - Update of rootfile not required
> - Changelog
> 	 Changes between 1.1.1q and 1.1.1r [11 Oct 2022]
> 	  *) Fixed the linux-mips64 Configure target which was missing the
> 	     SIXTY_FOUR_BIT bn_ops flag. This was causing heap corruption on that
> 	     platform.
> 	  *) Fixed a strict aliasing problem in bn_nist. Clang-14 optimisation was
> 	     causing incorrect results in some cases as a result.
> 	  *) Fixed SSL_pending() and SSL_has_pending() with DTLS which were failin=
g to
> 	     report correct results in some cases
> 	  *) Fixed a regression introduced in 1.1.1o for re-signing certificates w=
ith
> 	     different key sizes
> 	  *) Added the loongarch64 target
> 	  *) Fixed a DRBG seed propagation thread safety issue
> 	  *) Fixed a memory leak in tls13_generate_secret
> 	  *) Fixed reported performance degradation on aarch64. Restored the
> 	     implementation prior to commit 2621751 ("aes/asm/aesv8-armx.pl: avoid
> 	     32-bit lane assignment in CTR mode") for 64bit targets only, since it=
 is
> 	     reportedly 2-17% slower and the silicon errata only affects 32bit tar=
gets.
> 	     The new algorithm is still used for 32 bit targets.
> 	  *) Added a missing header for memcmp that caused compilation failure on =
some
> 	     platforms
>=20
> Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org>
> ---
> lfs/openssl | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>=20
> diff --git a/lfs/openssl b/lfs/openssl
> index 28a92a6b3..cb249b30c 100644
> --- a/lfs/openssl
> +++ b/lfs/openssl
> @@ -24,7 +24,7 @@
>=20
> include Config
>=20
> -VER        =3D 1.1.1q
> +VER        =3D 1.1.1r
>=20
> THISAPP    =3D openssl-$(VER)
> DL_FILE    =3D $(THISAPP).tar.gz
> @@ -74,7 +74,7 @@ objects =3D $(DL_FILE)
>=20
> $(DL_FILE) =3D $(DL_FROM)/$(DL_FILE)
>=20
> -$(DL_FILE)_BLAKE2 =3D fc8fd6a62dc291d0bda328a051e253175fb04442cc4b8f45d67c=
3a5027748a0fc5fb372d0483bc9024ae0bff119c4fac8f1e982a182612427696d6d09f5935f5
> +$(DL_FILE)_BLAKE2 =3D ae1f56718d6a9400e9670f1ad1db2bc15bfbefc4fb114c7920c9=
5a193285984d46cb28fe8dfbfa732f7755fb7810b51412f6e23a592d5769af9925026aa912d9
>=20
> install : $(TARGET)
>=20
> --=20
> 2.38.0
>=20


--===============2040654338376344344==--