Hello Michael, hello Adolf,
thank you very much for raising this, and your coordination efforts on Core Update 175. Again, apologies for me being rather absent at the moment - ${non-IPFire commitments} eat up a lot of the spare time I currently have, and I still struggle to find a schedule that allows me to be reliably contributing to the IPFire project. :-/
With regards to OpenSSL, including that in Core Update 175 makes sense to me, and I will take care of this tomorrow (really, I promise), and update the changelog accordingly.
With regards to the latter, I just deleted the section concerning bug #11048, so everything is current in there.
Further, I took the liberty to include Matthias' patch for updating Suricata to 6.0.12 in the update - before, we had already shipped Suricata 6.0.11, and since the changelog for .12 reads rather nasty, I figure we may as well go with the latest version here.
(Matthias: As always, thank you very much for taking care of this!)
As soon as the OpenSSL is included and tested by me, I would like to release Core Update 175 - its been already six weeks since the last Core Update, and given the testing feedback, I don't think we need to give this Core Update more time.
@Michael: You'll have a draft for the release announcement of Core Update 175 by Thursday at the latest.
As always, thank you all very much for your contributions! Let me know if there are any comments/concerns/vetoes to the release schedule I detailed above.
All the best, Peter Müller
Thank you very much for letting me know. I wasn’t aware at all.
I reverted those changes in next and if the build goes through I will merge the branch back into master again.
-Michael
On 26 May 2023, at 14:33, Adolf Belka adolf.belka@ipfire.org wrote:
Hi,
On 24/05/2023 11:02, Michael Tremer wrote:
Hello,
On 24 May 2023, at 09:47, Adolf Belka adolf.belka@ipfire.org wrote:
Hi Michael,
On 24/05/2023 10:07, Michael Tremer wrote:
It looks like we might not want to release the forthcoming Core Update before this.
I did not hear any rumours about what might be the issue, but I would say that it wouldn’t hurt us to wait.
What other outstanding issues do we have that are currently blocking the update?
The fix for Bug#13117 has been merged into master so that is no longer blocking.
As mentioned to Peter, I recommend reverting my fix for Bug#11048 as some issues were found by myself (missed in my own testing) plus from other testers reporting in the forum. I am making progress on this but there are still some bits outstanding. The bug has been around for a long time so it won't hurt for it to wait till Core Update 176.
Okay. Let’s rather have the right fix than a quick one. I agree!
The reversion of the update.sh script was done two days ago but there are 4 other commits for the same bug fix that also need to be reverted.
https://git.ipfire.org/?p=ipfire-2.x.git;a=commit;h=762c88ec4d85e3a4f7265b88... https://git.ipfire.org/?p=ipfire-2.x.git;a=commit;h=82822934ba769bca4235cd2a... https://git.ipfire.org/?p=ipfire-2.x.git;a=commit;h=070abb0d011ff71e5aefd170... https://git.ipfire.org/?p=ipfire-2.x.git;a=commit;h=18bece0edbd817933f48fdbf...
just to make sure that those don't get missed.
Regards, Adolf.
I haven't found anything else that was a problem and I haven't seen any other issues mentioned in the forum that look to be caused by CU175.
That sounds good then!
Regards, Adolf.
-Michael
Begin forwarded message:
From: Tomas Mraz tomas@openssl.org Subject: Forthcoming OpenSSL Releases Date: 24 May 2023 at 05:06:12 BST To: "openssl-project@openssl.org" openssl-project@openssl.org, "openssl-users@openssl.org" openssl-users@openssl.org, openssl-announce@openssl.org Reply-To: openssl-users@openssl.org
The OpenSSL project team would like to announce the forthcoming release of OpenSSL versions 3.0.9, 1.1.1u and 1.0.2zh. Note that OpenSSL 1.0.2 is End Of Life and so 1.0.2zh will be available to premium support customers only.
These releases will be made available on Tuesday 30th May 2023 between 1300-1700 UTC.
These are security-fix releases. The highest severity issue fixed in each of these three releases is Moderate:
https://www.openssl.org/policies/secpolicy.html
Yours The OpenSSL Project Team
-- Sent from my laptop