-
Notifications
You must be signed in to change notification settings - Fork 30.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
deps: update OpenSSL 3.0.7+quic #45286
Conversation
This updates all sources in deps/openssl/openssl by: $ git clone git@github.com:quictls/openssl.git $ cd openssl $ git checkout openssl-3.0.7+quic $ cd ../node/deps/openssl $ rm -rf openssl $ cp -R ../../../openssl openssl $ rm -rf openssl/.git* openssl/.travis* $ git add --all openssl $ git commit openssl
Review requested:
|
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This updates all sources in deps/openssl/openssl by: $ git clone git@github.com:quictls/openssl.git $ cd openssl $ git checkout openssl-3.0.7+quic $ cd ../node/deps/openssl $ rm -rf openssl $ cp -R ../../../openssl openssl $ rm -rf openssl/.git* openssl/.travis* $ git add --all openssl $ git commit openssl PR-URL: nodejs#45286
After an OpenSSL source update, all the config files need to be regenerated and committed by: $ make -C deps/openssl/config $ git add deps/openssl/config/archs $ git add deps/openssl/openssl $ git commit PR-URL: nodejs#45286
@RafaelGSS 32-bit Windows has failed. Looks like a reoccurrence of #43603 (comment). |
After an OpenSSL source update, all the config files need to be regenerated and committed by: $ make -C deps/openssl/config clean $ make -C deps/openssl/config $ git add deps/openssl/config/archs $ git add deps/openssl/openssl $ git commit
b6394a2
to
766af01
Compare
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
@richardlau it seems fixed. @juanarbol you need to cherry-pick it again. |
Landed in 4124b03...9fb612e |
Hello, Looks like this hasn't happened as there were no merged PRs for the security release... Can somebody give the bot a push so the official images can be updated? Thanks |
This updates all sources in deps/openssl/openssl by: $ git clone git@github.com:quictls/openssl.git $ cd openssl $ git checkout openssl-3.0.7+quic $ cd ../node/deps/openssl $ rm -rf openssl $ cp -R ../../../openssl openssl $ rm -rf openssl/.git* openssl/.travis* $ git add --all openssl $ git commit openssl CVE-ID: CVE-2022-3602, CVE-2022-3786 PR-URL: nodejs#45286
After an OpenSSL source update, all the config files need to be regenerated and committed by: $ make -C deps/openssl/config clean $ make -C deps/openssl/config $ git add deps/openssl/config/archs $ git add deps/openssl/openssl $ git commit CVE-ID: CVE-2022-3602, CVE-2022-3786 PR-URL: nodejs#45286
Updated openssl dep to openssl-3.0.7+quic using the maintenance guide.
Refs: https://mta.openssl.org/pipermail/openssl-announce/2022-November/000241.html