update openssl to 3.0.8

[dimpase]

from sage-devel by Thierry: I took his branch and made this PR from it.

Sage's current openssl version (3.0.5) hass several "High severity"
vulnerabilities, see https://www.openssl.org/news/vulnerabilities.html

It would be nice to have the fixes included in the next Sage release. I am not
using github, here is a pull request (literally) to fix this :

git pull https://lipn.univ-paris13.fr/~monteil/hebergement/sage/sage.git openssl.3.0.8

(commit hash : 997a6bd)
I checked the hash of the tarballs against the GPG signatures by upstream developers.

Tarball at : https://www.openssl.org/source/openssl-3.0.8.tar.gz

Ciao,
Thierry

P.S. Note that 3.1.0. has been very recently released, however 3.0.x is LTS and will
not have structural changes. Just in case, here is a verified branch :

git pull https://lipn.univ-paris13.fr/~monteil/hebergement/sage/sage.git openssl.3.1.0

(commit hash : 9229a2be66dc0e4f2e3f677aa515a33bfe72a873)
Tarball at : https://www.openssl.org/source/openssl-3.1.0.tar.gz

[mkoeppe]

Run ci-linux workflow?

[dimpase]

Run ci-linux workflow?

I don't know how to do this - it's not a named branch, I don't see how to trigger it (at least not from the browser)

[mkoeppe]

It is named in your repo, where you can run it. It's called ssl308.

[dimpase]

OK, running https://github.com/dimpase/sage/actions/runs/4810927760
(I know that some of our workflows on work here, not in forks)

[dimpase]

So you see, https://github.com/dimpase/sage/actions/runs/4810927760 failed all jobs due to some Docker blah or whatever.

[dimpase]

needless to say, it works otherwsie...

[mkoeppe]

Try with #35417 merged

[dimpase]

Try with #35417 merged

I understand it still won't fly.

[mkoeppe]

Depends on your config; it sure works for me

[dimpase]

well, as it all happens on GitHub, I have no idea how our forks are different.

[mkoeppe]

No problem because I know. https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/enabling-features-for-your-repository/managing-github-actions-settings-for-a-repository#managing-github-actions-permissions-for-your-repository

[dimpase]

No problem because I know. [...]

this link has pages and pages of verbose instructions. Presumably you figured it out - then it should go to a wiki or to a manual, what precisely has to be set.

[github-actions]

Documentation preview for this PR is ready! 🎉
Built with commit: c046024

[mkoeppe]

it should go to a wiki or to a manual, what precisely has to be set

yes, that's #35108

[mkoeppe]

@dimpase with the new version of #35108 users no longer need to adjust the permission settings

[mkoeppe]

I've tested it on a few platforms in https://github.com/mkoeppe/sage/actions/runs/4922782397 (using #35380). It seems fine.