[OE-core] Backport OpenSSL 1.0.2n
robert_joslyn at selinc.com
robert_joslyn at selinc.com
Mon Feb 12 21:08:30 UTC 2018
I'm working with the pyro release, and noticed that it's still using
openssl 1.0.2k. The latest version in the 1.0.2 series is 1.0.2n, which is
already available on master. Is there a reason that the newer version
hasn't made it back to pyro (or rocko, which is on 1.0.2m)? I know new
package versions are not normally backported, but looking at the change
log, I only see one change mentioned that is not a CVE fix (the 1.0.2l
release):
https://urldefense.proofpoint.com/v2/url?u=https-3A__git.openssl.org_-3Fp-3Dopenssl.git-3Ba-3Dblob-3Bf-3DCHANGES-3Bh-3Df2fc31a25c54b12fc7db40c03d39f9a68b9ec0e5-3Bhb-3De5bba24cd8bb3e5127a578b85c6edf013a38ea6d&d=DwIBAg&c=zVFQZQ67ypsA9mYKSCqWmQHiVkCCaN-Gb60_N6TVnLk&r=ak_pMnzuMKndrbvJGok-seoFenjTGhP3oPNUzKUOwzHhGpNMwSJsaHunyXDlBGjO&m=3JjPoO2FeIBSz3wggiqKGtYceKB5t__oSe8p6yDsQfM&s=oeCHfmZkkXVFW1aoMZsolXeFvKI9RTUtbdGBj61kheQ&e=
I can send patches to bring 1.0.2n to rocko and pyro if they will be
accepted.
Thanks,
Robert
More information about the Openembedded-core
mailing list