diff mbox series

openssl: Update to version 1.1.1r

Message ID	20221012153954.3582108-1-adolf.belka@ipfire.org
State	Superseded
Headers	From: Adolf Belka <adolf.belka@ipfire.org> To: development@lists.ipfire.org Subject: [PATCH] openssl: Update to version 1.1.1r Date: Wed, 12 Oct 2022 17:39:54 +0200 Message-Id: <20221012153954.3582108-1-adolf.belka@ipfire.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: list Errors-To: development-bounces@lists.ipfire.org Sender: "Development" <development-bounces@lists.ipfire.org>
Series	openssl: Update to version 1.1.1r \| openssl: Update to version 1.1.1r

Commit Message

Adolf Belka Oct. 12, 2022, 3:39 p.m. UTC

  - Update version from 1.1.1q to 1.1.1r
- Update of rootfile not required
- Changelog
	 Changes between 1.1.1q and 1.1.1r [11 Oct 2022]
	  *) Fixed the linux-mips64 Configure target which was missing the
	     SIXTY_FOUR_BIT bn_ops flag. This was causing heap corruption on that
	     platform.
	  *) Fixed a strict aliasing problem in bn_nist. Clang-14 optimisation was
	     causing incorrect results in some cases as a result.
	  *) Fixed SSL_pending() and SSL_has_pending() with DTLS which were failing to
	     report correct results in some cases
	  *) Fixed a regression introduced in 1.1.1o for re-signing certificates with
	     different key sizes
	  *) Added the loongarch64 target
	  *) Fixed a DRBG seed propagation thread safety issue
	  *) Fixed a memory leak in tls13_generate_secret
	  *) Fixed reported performance degradation on aarch64. Restored the
	     implementation prior to commit 2621751 ("aes/asm/aesv8-armx.pl: avoid
	     32-bit lane assignment in CTR mode") for 64bit targets only, since it is
	     reportedly 2-17% slower and the silicon errata only affects 32bit targets.
	     The new algorithm is still used for 32 bit targets.
	  *) Added a missing header for memcmp that caused compilation failure on some
	     platforms

Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
---
 lfs/openssl | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

Comments

Michael Tremer Oct. 14, 2022, 10:18 a.m. UTC | #1

Hello Adolf,

Thanks for this, but it looks like they took down the release, because it is introducing some new problems:

  https://mta.openssl.org/pipermail/openssl-announce/2022-October/000237.html

So, let’s keep the patch here and wait what happens next.

Sorry for this.

-Michael

> On 12 Oct 2022, at 16:39, Adolf Belka <adolf.belka@ipfire.org> wrote:
> 
> - Update version from 1.1.1q to 1.1.1r
> - Update of rootfile not required
> - Changelog
> 	 Changes between 1.1.1q and 1.1.1r [11 Oct 2022]
> 	  *) Fixed the linux-mips64 Configure target which was missing the
> 	     SIXTY_FOUR_BIT bn_ops flag. This was causing heap corruption on that
> 	     platform.
> 	  *) Fixed a strict aliasing problem in bn_nist. Clang-14 optimisation was
> 	     causing incorrect results in some cases as a result.
> 	  *) Fixed SSL_pending() and SSL_has_pending() with DTLS which were failing to
> 	     report correct results in some cases
> 	  *) Fixed a regression introduced in 1.1.1o for re-signing certificates with
> 	     different key sizes
> 	  *) Added the loongarch64 target
> 	  *) Fixed a DRBG seed propagation thread safety issue
> 	  *) Fixed a memory leak in tls13_generate_secret
> 	  *) Fixed reported performance degradation on aarch64. Restored the
> 	     implementation prior to commit 2621751 ("aes/asm/aesv8-armx.pl: avoid
> 	     32-bit lane assignment in CTR mode") for 64bit targets only, since it is
> 	     reportedly 2-17% slower and the silicon errata only affects 32bit targets.
> 	     The new algorithm is still used for 32 bit targets.
> 	  *) Added a missing header for memcmp that caused compilation failure on some
> 	     platforms
> 
> Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
> ---
> lfs/openssl | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/lfs/openssl b/lfs/openssl
> index 28a92a6b3..cb249b30c 100644
> --- a/lfs/openssl
> +++ b/lfs/openssl
> @@ -24,7 +24,7 @@
> 
> include Config
> 
> -VER        = 1.1.1q
> +VER        = 1.1.1r
> 
> THISAPP    = openssl-$(VER)
> DL_FILE    = $(THISAPP).tar.gz
> @@ -74,7 +74,7 @@ objects = $(DL_FILE)
> 
> $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
> 
> -$(DL_FILE)_BLAKE2 = fc8fd6a62dc291d0bda328a051e253175fb04442cc4b8f45d67c3a5027748a0fc5fb372d0483bc9024ae0bff119c4fac8f1e982a182612427696d6d09f5935f5
> +$(DL_FILE)_BLAKE2 = ae1f56718d6a9400e9670f1ad1db2bc15bfbefc4fb114c7920c95a193285984d46cb28fe8dfbfa732f7755fb7810b51412f6e23a592d5769af9925026aa912d9
> 
> install : $(TARGET)
> 
> -- 
> 2.38.0
>

diff mbox series

Patch

diff --git a/lfs/openssl b/lfs/openssl
index 28a92a6b3..cb249b30c 100644
--- a/lfs/openssl
+++ b/lfs/openssl
@@ -24,7 +24,7 @@ 
 
 include Config
 
-VER        = 1.1.1q
+VER        = 1.1.1r
 
 THISAPP    = openssl-$(VER)
 DL_FILE    = $(THISAPP).tar.gz
@@ -74,7 +74,7 @@  objects = $(DL_FILE)
 
 $(DL_FILE) = $(DL_FROM)/$(DL_FILE)
 
-$(DL_FILE)_BLAKE2 = fc8fd6a62dc291d0bda328a051e253175fb04442cc4b8f45d67c3a5027748a0fc5fb372d0483bc9024ae0bff119c4fac8f1e982a182612427696d6d09f5935f5
+$(DL_FILE)_BLAKE2 = ae1f56718d6a9400e9670f1ad1db2bc15bfbefc4fb114c7920c95a193285984d46cb28fe8dfbfa732f7755fb7810b51412f6e23a592d5769af9925026aa912d9
 
 install : $(TARGET)