Hello,
There is a new release of OpenSSL which fixes a couple of vulnerabilities that we are affected by.
I will take care of the update and push it into next as soon as possible.
-Michael
Begin forwarded message:
From: OpenSSL openssl@openssl.org Subject: OpenSSL version 1.1.1j published Date: 16 February 2021 at 16:12:43 GMT To: openssl-project@openssl.org, OpenSSL User Support ML openssl-users@openssl.org, OpenSSL Announce ML openssl-announce@openssl.org Reply-To: openssl-users@openssl.org, openssl@openssl.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
OpenSSL version 1.1.1j released
OpenSSL - The Open Source toolkit for SSL/TLS https://www.openssl.org/
The OpenSSL project team is pleased to announce the release of version 1.1.1j of our open source toolkit for SSL/TLS. For details of changes and known issues see the release notes at:
https://www.openssl.org/news/openssl-1.1.1-notes.html
OpenSSL 1.1.1j is available for download via HTTP and FTP from the following master locations (you can find the various FTP mirrors under https://www.openssl.org/source/mirror.html):
* https://www.openssl.org/source/ * ftp://ftp.openssl.org/source/
The distribution file name is:
o openssl-1.1.1j.tar.gz Size: 9823161 SHA1 checksum: 04c340b086828eecff9df06dceff196790bb9268 SHA256 checksum: aaf2fcb575cdf6491b98ab4829abf78a3dec8402b8b81efc8f23c00d443981bf
The checksums were calculated using the following commands:
openssl sha1 openssl-1.1.1j.tar.gz openssl sha256 openssl-1.1.1j.tar.gz
Yours,
The OpenSSL Project Team.
-----BEGIN PGP SIGNATURE-----
iQEzBAEBCAAdFiEEhlersmDwVrHlGQg52cTSbQ5gRJEFAmAr45gACgkQ2cTSbQ5g RJFhXAf7BMbLDUqKxw1YnGpUTXRTKe1TSzrOPI/m/yfyn3YHm64HYwTxNy8Idm9Y V+78djXqhs3VMDDu9ZOmopSLEOOOHvpKE89kj7pHrYnOJcmPE+HNmS0qneOyQZtb slvYbDhqeyEqNxy/jVlz6Bm/BV57HdbszpAzhv9zTP6hf6aYvNwIFJoPpHznu028 Knn+qrlkcHizKPY9zG1h8zfK9m6CWGV+S8qeKHERgvlKBz6hAOYC/3f6sZumRr7K m7jEEjkEvjVzcojXKoY2+C9yeRwJdj8GM2Haa+kdwcW34o4uCOrP+mW+MeBg+4qM id26+r6cNtTdv7jE4gPWLCKoOZ7CsA== =baPF -----END PGP SIGNATURE-----
Okay, it is up and I merged it into master as well.
So if you are running Core Update 154, please re-install after the build is through.
Best, -Michael
On 16 Feb 2021, at 16:20, Michael Tremer michael.tremer@ipfire.org wrote:
Hello,
There is a new release of OpenSSL which fixes a couple of vulnerabilities that we are affected by.
I will take care of the update and push it into next as soon as possible.
-Michael
Begin forwarded message:
From: OpenSSL openssl@openssl.org Subject: OpenSSL version 1.1.1j published Date: 16 February 2021 at 16:12:43 GMT To: openssl-project@openssl.org, OpenSSL User Support ML openssl-users@openssl.org, OpenSSL Announce ML openssl-announce@openssl.org Reply-To: openssl-users@openssl.org, openssl@openssl.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
OpenSSL version 1.1.1j released
OpenSSL - The Open Source toolkit for SSL/TLS https://www.openssl.org/
The OpenSSL project team is pleased to announce the release of version 1.1.1j of our open source toolkit for SSL/TLS. For details of changes and known issues see the release notes at:
https://www.openssl.org/news/openssl-1.1.1-notes.html
OpenSSL 1.1.1j is available for download via HTTP and FTP from the following master locations (you can find the various FTP mirrors under https://www.openssl.org/source/mirror.html):
* https://www.openssl.org/source/ * ftp://ftp.openssl.org/source/
The distribution file name is:
o openssl-1.1.1j.tar.gz Size: 9823161 SHA1 checksum: 04c340b086828eecff9df06dceff196790bb9268 SHA256 checksum: aaf2fcb575cdf6491b98ab4829abf78a3dec8402b8b81efc8f23c00d443981bf
The checksums were calculated using the following commands:
openssl sha1 openssl-1.1.1j.tar.gz openssl sha256 openssl-1.1.1j.tar.gz
Yours,
The OpenSSL Project Team.
-----BEGIN PGP SIGNATURE-----
iQEzBAEBCAAdFiEEhlersmDwVrHlGQg52cTSbQ5gRJEFAmAr45gACgkQ2cTSbQ5g RJFhXAf7BMbLDUqKxw1YnGpUTXRTKe1TSzrOPI/m/yfyn3YHm64HYwTxNy8Idm9Y V+78djXqhs3VMDDu9ZOmopSLEOOOHvpKE89kj7pHrYnOJcmPE+HNmS0qneOyQZtb slvYbDhqeyEqNxy/jVlz6Bm/BV57HdbszpAzhv9zTP6hf6aYvNwIFJoPpHznu028 Knn+qrlkcHizKPY9zG1h8zfK9m6CWGV+S8qeKHERgvlKBz6hAOYC/3f6sZumRr7K m7jEEjkEvjVzcojXKoY2+C9yeRwJdj8GM2Haa+kdwcW34o4uCOrP+mW+MeBg+4qM id26+r6cNtTdv7jE4gPWLCKoOZ7CsA== =baPF -----END PGP SIGNATURE-----