[OE-core] openssl10 unusable for many components
Alexander Kanavin
alexander.kanavin at linux.intel.com
Thu Aug 17 11:54:37 UTC 2017
On 08/17/2017 02:46 PM, Martin Jansa wrote:
> I meant "real-world" as builds for any products on the market (which are
> likely using one of the failing recipes) - e.g. in LGE we have many more
> failures over all internal components, so I'll just undo this openssl
> switch (renaming openssl_1.1 as openssl11 and openssl11_1.0 back as
> openssl_1.0 with PROVIDES openssl11). We won't be able to use
> openssl-1.1 for long time anyway, because there are some 3rd party
> component which are difficult (or expensive) to get rebuilt against new
> openssl ABI, but we might be interested in some other improvements in
> oe-core/master.
Yes, this will work for you as a quick fix, but it is merely postponing
dealing with the issue properly to a later date. Make a plan for it and
keep in mind that openssl 1.0 goes out of upstream support at the end of
2019. Given its history of major security vulnerabilities, it will be
removed from oe-core well before that time, so that it won't linger in
supported YP releases.
Alex
More information about the Openembedded-core
mailing list