From mboxrd@z Thu Jan 1 00:00:00 1970 From: Adolf Belka To: development@lists.ipfire.org Subject: Re: Forthcoming OpenSSL Releases Date: Fri, 26 May 2023 15:33:04 +0200 Message-ID: In-Reply-To: <8DF27C56-97B2-40B5-BCD6-9EDCCA433A76@ipfire.org> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============3858908183235283775==" List-Id: --===============3858908183235283775== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Hi, On 24/05/2023 11:02, Michael Tremer wrote: > Hello, >=20 >> On 24 May 2023, at 09:47, Adolf Belka wrote: >> >> Hi Michael, >> >> On 24/05/2023 10:07, Michael Tremer wrote: >>> It looks like we might not want to release the forthcoming Core Update be= fore this. >>> >>> I did not hear any rumours about what might be the issue, but I would say= that it wouldn=E2=80=99t hurt us to wait. >>> >>> What other outstanding issues do we have that are currently blocking the = update? >>> >> The fix for Bug#13117 has been merged into master so that is no longer blo= cking. >> >> As mentioned to Peter, I recommend reverting my fix for Bug#11048 as some = issues were found by myself (missed in my own testing) plus from other tester= s reporting in the forum. I am making progress on this but there are still so= me bits outstanding. The bug has been around for a long time so it won't hurt= for it to wait till Core Update 176. >=20 > Okay. Let=E2=80=99s rather have the right fix than a quick one. I agree! The reversion of the update.sh script was done two days ago but there are 4 o= ther commits for the same bug fix that also need to be reverted. https://git.ipfire.org/?p=3Dipfire-2.x.git;a=3Dcommit;h=3D762c88ec4d85e3a4f72= 65b887f054cbe7703eb7c https://git.ipfire.org/?p=3Dipfire-2.x.git;a=3Dcommit;h=3D82822934ba769bca423= 5cd2a02f848cdc8511120 https://git.ipfire.org/?p=3Dipfire-2.x.git;a=3Dcommit;h=3D070abb0d011ff71e5ae= fd170dcb366d81bdf2497 https://git.ipfire.org/?p=3Dipfire-2.x.git;a=3Dcommit;h=3D18bece0edbd817933f4= 8fdbffcffffd074e42c05 just to make sure that those don't get missed. Regards, Adolf. >=20 >> I haven't found anything else that was a problem and I haven't seen any ot= her issues mentioned in the forum that look to be caused by CU175. >=20 > That sounds good then! >=20 >> Regards, >> Adolf. >>> -Michael >>> >>>> Begin forwarded message: >>>> >>>> From: Tomas Mraz >>>> Subject: Forthcoming OpenSSL Releases >>>> Date: 24 May 2023 at 05:06:12 BST >>>> To: "openssl-project(a)openssl.org" , "op= enssl-users(a)openssl.org" , openssl-announce(a)= openssl.org >>>> Reply-To: openssl-users(a)openssl.org >>>> >>>> The OpenSSL project team would like to announce the forthcoming release >>>> of OpenSSL versions 3.0.9, 1.1.1u and 1.0.2zh. Note that OpenSSL 1.0.2 >>>> is End Of Life and so 1.0.2zh will be available to premium support >>>> customers only. >>>> >>>> These releases will be made available on Tuesday 30th May 2023 >>>> between 1300-1700 UTC. >>>> >>>> These are security-fix releases. The highest severity issue fixed in >>>> each of these three releases is Moderate: >>>> >>>> https://www.openssl.org/policies/secpolicy.html >>>> >>>> Yours >>>> The OpenSSL Project Team >>>> >>> >> >> --=20 >> Sent from my laptop >=20 --===============3858908183235283775==--