From mboxrd@z Thu Jan 1 00:00:00 1970 Delivery-date: Fri, 07 Jun 2024 20:47:49 +0200 Received: from metis.whiteo.stw.pengutronix.de ([2a0a:edc0:2:b01:1d::104]) by lore.white.stw.pengutronix.de with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.96) (envelope-from ) id 1sFecv-0029cq-19 for lore@lore.pengutronix.de; Fri, 07 Jun 2024 20:47:49 +0200 Received: from localhost ([127.0.0.1] helo=metis.whiteo.stw.pengutronix.de) by metis.whiteo.stw.pengutronix.de with esmtp (Exim 4.92) (envelope-from ) id 1sFecu-0005HW-KM; Fri, 07 Jun 2024 20:47:48 +0200 Received: from mail-dbaeur03on2134.outbound.protection.outlook.com ([40.107.104.134] helo=EUR03-DBA-obe.outbound.protection.outlook.com) by metis.whiteo.stw.pengutronix.de with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1sFecY-0005HN-3Q for ptxdist@pengutronix.de; Fri, 07 Jun 2024 20:47:27 +0200 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=GnVp5MfXnV0SRoS5u22hCfWvThRwC5bfoyFnKdfqHR9UsTNjA9UktshAJbgqLtuDKBi/Bl3EMkEBFVhmrALXMuPaH6XWcGD8PNo3cAjZMwqFwFI/tS6+ILF7on5ZhxFMo347o6v9LsTJZ2E4z/SZAkWBS7NGETWzc/P7+O9V4OVQ8WajLdGWE4S27zBI7wM3RHe4KcvZ6UrwVFZGRTquctW1l9GLxiI4LKQKwMEX9RXZSgEo+XreWeXJ5zynmuEUgDTWFtGVMKe40RbmvvOFlwadurXjkvYokSJOMCRMbDz6QiQejwfx9Ls7H0JI1TaC2MrTwpMOh/p/RdiyDhPAqw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=ltuDdN4izoC0LT8YDQYWdPO+hTaI1AS+qLkeoFMxegw=; b=YlLabGnMMFREjEFddDo9zvyaoRmCO33Yfm0yza9SZE/uGfLThPhZUAbPcVcM3mPHJOFOcgmkDLhhHgP9ZPtnRglz6TFx/yFLHl1jmFXDbGdooy90JaoouF2/m++Fl29Fc45BJfxbWF1/YYI79BXQOSQw0tgpmE3CMm7fci8fkVSiZOST2o9FNn0bOSFZ4hpZDK3yd8tcOBBXcpEbW94GEbVgLRa7A14oMiLBSkPiDos84DwS/bI5Gwup3W3iIewH/IlNNUVBQy9/24FvuzjRe1E8noMVOhpMCVz4NQIaKpo7gqAtee5CoHFJ4HT9c6gY5kDMEysHsnFAwBpPERwZ3w== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=t2data.com; dmarc=pass action=none header.from=t2data.com; dkim=pass header.d=t2data.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=t2datacom.onmicrosoft.com; s=selector1-t2datacom-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ltuDdN4izoC0LT8YDQYWdPO+hTaI1AS+qLkeoFMxegw=; b=jaVfoIHnDHGxZMBwrdiqWmER01ZIV4N/WKhln+panjQTDnoCa6cqQpYazHOydbAT9DCZxaHnShob8hzlr8qFPHo4fEExRTSwtHjkRHxmTPhNA4jfY/aIMYKG+oWFYy+ps8aAhm6PPn18JnrLn28kcK41drmQTGdWFFb/Onqhb/Y= Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=t2data.com; Received: from DB9P251MB0618.EURP251.PROD.OUTLOOK.COM (2603:10a6:10:334::22) by GV1P251MB0769.EURP251.PROD.OUTLOOK.COM (2603:10a6:150:61::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7611.22; Fri, 7 Jun 2024 18:47:20 +0000 Received: from DB9P251MB0618.EURP251.PROD.OUTLOOK.COM ([fe80::fe8d:f825:5b29:2903]) by DB9P251MB0618.EURP251.PROD.OUTLOOK.COM ([fe80::fe8d:f825:5b29:2903%4]) with mapi id 15.20.7633.021; Fri, 7 Jun 2024 18:47:20 +0000 From: Christian Melki To: ptxdist@pengutronix.de Date: Fri, 7 Jun 2024 20:47:08 +0200 Message-Id: <20240607184708.1511205-1-christian.melki@t2data.com> X-Mailer: git-send-email 2.34.1 Content-Transfer-Encoding: 8bit Content-Type: text/plain X-ClientProxiedBy: GV2PEPF0000384F.SWEP280.PROD.OUTLOOK.COM (2603:10a6:144:1:0:9:0:12) To DB9P251MB0618.EURP251.PROD.OUTLOOK.COM (2603:10a6:10:334::22) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DB9P251MB0618:EE_|GV1P251MB0769:EE_ X-MS-Office365-Filtering-Correlation-Id: 9f240e35-89fb-43fb-ced7-08dc87224318 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; ARA:13230031|1800799015|376005|52116005|366007|38350700005; X-Microsoft-Antispam-Message-Info: =?us-ascii?Q?1TgYRSiAzvb5fzNbMwKrPoPWAyulKewpzkGEU/RKNkliALPVj9Qy+Ku94dsR?= =?us-ascii?Q?6iWyCBGwMGMrFHBIqR6F9bsT9SC4dGMgEl33JwN86CjXSls9fHZrjOArru+u?= =?us-ascii?Q?RbLQCV39+PfUjDBzaSBdJ0FpYs7LEvDz1LuVOER8d+R9kw+Q6linx6F3rNU1?= =?us-ascii?Q?eGPx2dwkUpIBWDKDCs3IBkC00OKsy/f8/5YpI/ifbt3N8cCYahoPm2KYpVGw?= =?us-ascii?Q?8958wMguHcHYl+bVs8vEGaQF76CldFAHzopeKUWoYgpl9mtOEx0Yx4bWst3h?= =?us-ascii?Q?FjHMEcxyErJWx+6T6aT28E9/8mhQZgp60FL2xDfnGP6OROau3dqauK8zOld0?= =?us-ascii?Q?WkH6RPpywRKpNnnQAjOpuzNY7gs0mbsU5KDLn6kN/B8EznlesMIuP2fbxkNc?= =?us-ascii?Q?c3cLok0hONX9yeGjomo87DNgIfEXCn6gXXtA9Fp8Vh4S3ljljcMDIcFNo+qW?= =?us-ascii?Q?AH1cN7iVjhazJK14frKSEbLmH1mb73dCmBO4BqBUxzgKCCElYiMpBOsA1gyL?= =?us-ascii?Q?kObGAaT6hFI2kexBfl0Kchs72ejY6RHhWrlJ+OX8kOQ6MutU1J4X7Q8siDx9?= =?us-ascii?Q?Dt/4vsIjiEnS+HSIZc3H7drTCAuJLpHHu/zDzh0cTbd0mihNF/5v9icnkQhA?= =?us-ascii?Q?1AyU5NjxeyyOwtq+obttXDTpaREpPmHF8CkUDAUCc5HpAwAfQoRZ/CrBs8kC?= =?us-ascii?Q?mR30UfM8BkTNgAPZleJoLiMeGCuRIUFOTfAmL8s8G7CA570ntP5j/OJAg5Q9?= =?us-ascii?Q?FGRLgs9srjyPRTJydx1pytf+1e4c44O2GYM/OrFJBTB4M0Vpk+WgrH3sRQHm?= =?us-ascii?Q?ZPHd1eyho+iQBlETAiUspLx3hPDWQoYVMSuZrLljEGH9MjhVhslA8r2f44IS?= =?us-ascii?Q?4wNYbNfzuVoAz/hom6Hp5jYcA8novIXnMLuYBwQGEdSDyDMPX4WLVQheGQkG?= =?us-ascii?Q?j1OGd2OSPjo4xNF3a8g6RUHOYE6CiMk0KvL+6mi1YwJONQnoneM0IjyvEait?= =?us-ascii?Q?QMKHLKh816NUB6UP7KbiKhA9DytpPm4ZOzMTACNFKla4GYo4F+Sgx83ZI1Sl?= =?us-ascii?Q?bD6ngRxaRmIilqOedZulVtpUisnR1C8RbY/4P/qidMGRmUi/7iTXBWamZzLs?= =?us-ascii?Q?tVHDx51EwOS7wHoLQet9sTVerHiKJQ8h2pCH/tsk6PYZlpFECIXVwV/XS2lE?= =?us-ascii?Q?mDhUVgl8x8xc9Ma4GDUJLAv6Xry1izRJqPsD146QsJaFAxiQETl1d5OerImG?= =?us-ascii?Q?mfZyoQcl+cOQGMl3cPA9/lmNjY4+gBoyGCOCYnncIOwTk4VBlPaGy2ZPlGzM?= =?us-ascii?Q?IY7e6r+z+vXDcDZBWfgWE/KEil/lwJh7xIG45xmaObXZjkjeBGY9yk9bE6TB?= =?us-ascii?Q?i+yPkqQ=3D?= X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DB9P251MB0618.EURP251.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(13230031)(1800799015)(376005)(52116005)(366007)(38350700005); DIR:OUT; SFP:1102; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?uLWe7a7wbSdjy+5Fa1LRfGJkkFQZojjJddI+e4t65Z4q7vkV629f43wEG33d?= =?us-ascii?Q?syb+3Xs7y2Yb8sSdepW8/lthhhPvW1i9RKhTBP4JdRW0IXvOhlda8NKdQ7w2?= =?us-ascii?Q?3gE77HYdCI96pyLpALuPqmY7zk5PI38JA6nMoTZawRVJWffl4Fy0m++QiyAC?= =?us-ascii?Q?ws5ASP50f9jMdrkpjgr3vq6lSd5aIX5jbbw5GIaB71NxX83Kr3G1O65Z185i?= =?us-ascii?Q?Xdl23+rKD8qCGsfPKLchUBCCbaI1gtSNoaVksZKFXukDLc5k+vHXl24+VkqU?= =?us-ascii?Q?uzKkMVYH0t4ACaO8hdGJTlqOXTO9eEl0lbJML5L3Hxe0qqqynrx+t9KodOON?= =?us-ascii?Q?6WdGx1zKLq3yQ08SwI61LlpjRHJ10oGBGlb1iTzk064eu1P7btncBH3YuJuy?= =?us-ascii?Q?Ld+sWOXu/JKN6vfOfOiL8aZT58JYCo2qje25IQFkDcohWj1v6REyNhU8n+tU?= =?us-ascii?Q?uToBwA1cWQHtcfYEz9Rfw4bNT3IuHIkmZlzX3JmPIyDpaR02bQLpichPm3cO?= =?us-ascii?Q?M+F1e/gVADxRYig9oFscP74hXvgZYlFhRGglkX5ElLVE2Fhj8Ih4Frgk3MQh?= =?us-ascii?Q?ScWbv7egJYnxX2MPTkEhATV1EnlMVB8wxrzH5X09+xWp/Qu8sOGhfsK+cu9/?= =?us-ascii?Q?ny85GgwMwMPu2T7gHR2P0Jlp1BZTkOZ6Li5R9rqJikTtGb2FCcQ1lQZlPR94?= =?us-ascii?Q?CmLZg/Tv5xD9c/vC2kaIlXlHXIBVDyEHePHKL2YCnnot38GGEI0V/+GcSqEd?= =?us-ascii?Q?ZEJyeusi3M59YIQStnc7lEWfGqB1kB9wpfQb6qkxjmI1v9Ru8GxQRwHETAxQ?= =?us-ascii?Q?wERQ9WrrEWZk7YuMzhcDq8xeIZw8nYtTC1Igjko4WMjPpQzgqXe6tsABcgRu?= =?us-ascii?Q?/RLTPwcYy50eAFzPjSho7bncU6b0MCQXuIKF1yNdr9eqYqt0E5Cy+f8CYgyf?= =?us-ascii?Q?vcIbfIKcmpcU20B3/5nUzYkkrARzyKgJ+XrjMPAh81RBrM50kH3hUGi72Sf8?= =?us-ascii?Q?yR9xk+ydEMRV4fqcJssZqaGD2sa1nxqEhloNJ+f60gJAlECHk/crNNZ3Jj1K?= =?us-ascii?Q?0rIW89eKJu3Slb8KsT4nGKlPxtIUERMPomiJHfhwDG6kUXLxyhaZsNfweLQI?= =?us-ascii?Q?WELc+OvxVzXlnXnxQ26IfGVRYfXk2XT3TsDqXLwI4BKNyACwypMsvmlBGeLE?= =?us-ascii?Q?6giMh/LXNPao5KSf20xdfNxUKaym+EVKznbiqlJPwtXmBmSzwuZtHlIIkWe3?= =?us-ascii?Q?aYSBBbDf0tp8uapUhFTCAb2HVIa13/XEtBPsnP4xnTxK2TRzzgGpw0eMYJSj?= =?us-ascii?Q?UHy86VhamJjk5VKAuFz3ZV4H37J61vynk736RaaNWLOJoHZsmOl00au4Oiif?= =?us-ascii?Q?RNwflkuCyu0wYKf0LUedOMH4B+q7Fhb6XSFAC6rsnKw4hsVzH2/GPUAddmAo?= =?us-ascii?Q?6JjPmf2INMid5B27sfHLkXeGdiPBNAdmwXcDxDDZUMo/EKhhRb9001g+cEKI?= =?us-ascii?Q?Qgv6FbNUcjZC2NinWoKGGeijAVWO5wtocDFVRsq7aeuP6cnG+ESneFVVcy/S?= =?us-ascii?Q?TH8fJIwRoO4CYvemrD4pcKaZ3YHzM28kL2O0H3M3B0qBGI6KFN78P1UZ/Gmu?= =?us-ascii?Q?CA=3D=3D?= X-OriginatorOrg: t2data.com X-MS-Exchange-CrossTenant-Network-Message-Id: 9f240e35-89fb-43fb-ced7-08dc87224318 X-MS-Exchange-CrossTenant-AuthSource: DB9P251MB0618.EURP251.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 07 Jun 2024 18:47:20.5599 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 27928da5-aacd-4ba1-9566-c748a6863e6c X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: 2G6+sKakcCZokIMNeqWuNfuUIi6Cg1QElVdcQRJpHTQDyquiGbbvORQh2EDCm+6YMehnldHQxom70tQC/hZYl3uQyxKeY7+Wb32+416/d1I= X-MS-Exchange-Transport-CrossTenantHeadersStamped: GV1P251MB0769 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on metis.whiteo.stw.pengutronix.de X-Spam-Level: X-Spam-Status: No, score=-2.1 required=4.0 tests=AWL,BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_PASS, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.2 Subject: [ptxdist] [PATCH] openssl: Version bump. 3.3.0 -> 3.3.1 X-BeenThere: ptxdist@pengutronix.de X-Mailman-Version: 2.1.29 Precedence: list List-Id: PTXdist Development Mailing List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: ptxdist@pengutronix.de Sender: "ptxdist" X-SA-Exim-Connect-IP: 127.0.0.1 X-SA-Exim-Mail-From: ptxdist-bounces@pengutronix.de X-SA-Exim-Scanned: No (on metis.whiteo.stw.pengutronix.de); SAEximRunCond expanded to false https://www.openssl.org/news/cl33.txt Plugs CVEs: CVE-2024-4741 - Potential use after free after SSL_free_buffers() is called CVE-2024-4603 - Checking excessively long DSA keys or parameters may be very slow * Forward patchset, applies cleanly. Signed-off-by: Christian Melki --- .../0001-debian-targets.patch | 0 patches/{openssl-3.3.0 => openssl-3.3.1}/0002-pic.patch | 0 ...Configure-allow-to-enable-ktls-if-target-does-not-st.patch | 0 .../0004-conf-Serialize-allocation-free-of-ssl_names.patch | 0 ...Configure-drop-fzero-call-used-regs-used-gpr-from-De.patch | 0 patches/{openssl-3.3.0 => openssl-3.3.1}/series | 0 rules/openssl.make | 4 ++-- 7 files changed, 2 insertions(+), 2 deletions(-) rename patches/{openssl-3.3.0 => openssl-3.3.1}/0001-debian-targets.patch (100%) rename patches/{openssl-3.3.0 => openssl-3.3.1}/0002-pic.patch (100%) rename patches/{openssl-3.3.0 => openssl-3.3.1}/0003-Configure-allow-to-enable-ktls-if-target-does-not-st.patch (100%) rename patches/{openssl-3.3.0 => openssl-3.3.1}/0004-conf-Serialize-allocation-free-of-ssl_names.patch (100%) rename patches/{openssl-3.3.0 => openssl-3.3.1}/0005-Configure-drop-fzero-call-used-regs-used-gpr-from-De.patch (100%) rename patches/{openssl-3.3.0 => openssl-3.3.1}/series (100%) diff --git a/patches/openssl-3.3.0/0001-debian-targets.patch b/patches/openssl-3.3.1/0001-debian-targets.patch similarity index 100% rename from patches/openssl-3.3.0/0001-debian-targets.patch rename to patches/openssl-3.3.1/0001-debian-targets.patch diff --git a/patches/openssl-3.3.0/0002-pic.patch b/patches/openssl-3.3.1/0002-pic.patch similarity index 100% rename from patches/openssl-3.3.0/0002-pic.patch rename to patches/openssl-3.3.1/0002-pic.patch diff --git a/patches/openssl-3.3.0/0003-Configure-allow-to-enable-ktls-if-target-does-not-st.patch b/patches/openssl-3.3.1/0003-Configure-allow-to-enable-ktls-if-target-does-not-st.patch similarity index 100% rename from patches/openssl-3.3.0/0003-Configure-allow-to-enable-ktls-if-target-does-not-st.patch rename to patches/openssl-3.3.1/0003-Configure-allow-to-enable-ktls-if-target-does-not-st.patch diff --git a/patches/openssl-3.3.0/0004-conf-Serialize-allocation-free-of-ssl_names.patch b/patches/openssl-3.3.1/0004-conf-Serialize-allocation-free-of-ssl_names.patch similarity index 100% rename from patches/openssl-3.3.0/0004-conf-Serialize-allocation-free-of-ssl_names.patch rename to patches/openssl-3.3.1/0004-conf-Serialize-allocation-free-of-ssl_names.patch diff --git a/patches/openssl-3.3.0/0005-Configure-drop-fzero-call-used-regs-used-gpr-from-De.patch b/patches/openssl-3.3.1/0005-Configure-drop-fzero-call-used-regs-used-gpr-from-De.patch similarity index 100% rename from patches/openssl-3.3.0/0005-Configure-drop-fzero-call-used-regs-used-gpr-from-De.patch rename to patches/openssl-3.3.1/0005-Configure-drop-fzero-call-used-regs-used-gpr-from-De.patch diff --git a/patches/openssl-3.3.0/series b/patches/openssl-3.3.1/series similarity index 100% rename from patches/openssl-3.3.0/series rename to patches/openssl-3.3.1/series diff --git a/rules/openssl.make b/rules/openssl.make index 8ce6661cc..066437c9b 100644 --- a/rules/openssl.make +++ b/rules/openssl.make @@ -16,8 +16,8 @@ PACKAGES-$(PTXCONF_OPENSSL) += openssl # # Paths and names # -OPENSSL_VERSION := 3.3.0 -OPENSSL_MD5 := c8b063afbea85d867e161ecb8816cfa9 +OPENSSL_VERSION := 3.3.1 +OPENSSL_MD5 := 8a4342b399c18f870ca6186299195984 OPENSSL := openssl-$(OPENSSL_VERSION) OPENSSL_SUFFIX := tar.gz OPENSSL_URL := \ -- 2.34.1