Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[v14.x] deps: update OpenSSL 1.1.1s #45272

Closed
wants to merge 2 commits into from

Conversation

RafaelGSS
Copy link
Member

Updated openssl dep to openssl-1.1.1s using the maintenance guide.

Refs: https://mta.openssl.org/pipermail/openssl-announce/2022-November/000242.html

This updates all sources in deps/openssl/openssl by:
    $ cd deps/openssl/
    $ rm -rf openssl
    $ tar zxf ~/tmp/openssl-1.1.1s.tar.gz
    $ mv openssl-1.1.1s openssl
    $ git add --all openssl
    $ git commit openssl
@nodejs-github-bot nodejs-github-bot added dependencies Pull requests that update a dependency file. needs-ci PRs that need a full CI run. openssl Issues and PRs related to the OpenSSL dependency. v14.x labels Nov 1, 2022
@RafaelGSS RafaelGSS added the request-ci Add this label to start a Jenkins CI on a PR. label Nov 1, 2022
@github-actions github-actions bot removed the request-ci Add this label to start a Jenkins CI on a PR. label Nov 1, 2022
@nodejs-github-bot
Copy link
Collaborator

After an OpenSSL source update, all the config files need to be
regenerated and committed by:
   $ make -C deps/openssl/config
   $ git add deps/openssl/config/archs
   $ git add deps/openssl/openssl/include/crypto/bn_conf.h
   $ git add deps/openssl/openssl/include/crypto/dso_conf.h
   $ git add deps/openssl/openssl/include/openssl/opensslconf.h
   $ git commit
@RafaelGSS RafaelGSS added request-ci Add this label to start a Jenkins CI on a PR. and removed request-ci Add this label to start a Jenkins CI on a PR. labels Nov 2, 2022
@nodejs-github-bot
Copy link
Collaborator

@RafaelGSS RafaelGSS added the commit-queue Add this label to land a pull request using GitHub Actions. label Nov 9, 2022
@aduh95 aduh95 added author ready PRs that have at least one approval, no pending requests for changes, and a CI started. and removed commit-queue Add this label to land a pull request using GitHub Actions. labels Nov 9, 2022
RafaelGSS added a commit that referenced this pull request Nov 9, 2022
This updates all sources in deps/openssl/openssl by:
    $ cd deps/openssl/
    $ rm -rf openssl
    $ tar zxf ~/tmp/openssl-1.1.1s.tar.gz
    $ mv openssl-1.1.1s openssl
    $ git add --all openssl
    $ git commit openssl

PR-URL: #45272
Refs: https://mta.openssl.org/pipermail/openssl-announce/2022-November/000242.html
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
RafaelGSS added a commit that referenced this pull request Nov 9, 2022
After an OpenSSL source update, all the config files need to be
regenerated and committed by:
   $ make -C deps/openssl/config
   $ git add deps/openssl/config/archs
   $ git add deps/openssl/openssl/include/crypto/bn_conf.h
   $ git add deps/openssl/openssl/include/crypto/dso_conf.h
   $ git add deps/openssl/openssl/include/openssl/opensslconf.h
   $ git commit

PR-URL: #45272
Refs: https://mta.openssl.org/pipermail/openssl-announce/2022-November/000242.html
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
@RafaelGSS
Copy link
Member Author

Landed in fe444a8...f297b6b

@RafaelGSS RafaelGSS closed this Nov 9, 2022
@richardlau richardlau mentioned this pull request Dec 7, 2022
mwalbeck pushed a commit to mwalbeck/docker-jellyfin-livestream that referenced this pull request Dec 14, 2022
This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [node](https://github.com/nodejs/node) | stage | patch | `14.21.1-bullseye-slim` -> `14.21.2-bullseye-slim` |

---

### Release Notes

<details>
<summary>nodejs/node</summary>

### [`v14.21.2`](https://github.com/nodejs/node/releases/tag/v14.21.2): 2022-12-13, Version 14.21.2 &#x27;Fermium&#x27; (LTS), @&#8203;richardlau

[Compare Source](nodejs/node@v14.21.1...v14.21.2)

##### Notable Changes

##### OpenSSL 1.1.1s

This update is a bugfix release and does not address any security
vulnerabilities.

##### Root certificates updated to NSS 3.85

Certificates added:

-   Autoridad de Certificacion Firmaprofesional CIF [`A626340`](nodejs/node@A62634068)
-   Certainly Root E1
-   Certainly Root R1
-   D-TRUST BR Root CA 1 2020
-   D-TRUST EV Root CA 1 2020
-   DigiCert TLS ECC P384 Root G5
-   DigiCert TLS RSA4096 Root G5
-   E-Tugra Global Root CA ECC v3
-   E-Tugra Global Root CA RSA v3
-   HiPKI Root CA - G1
-   ISRG Root X2
-   Security Communication ECC RootCA1
-   Security Communication RootCA3
-   Telia Root CA v2
-   vTrus ECC Root CA
-   vTrus Root CA

Certificates removed:

-   Cybertrust Global Root
-   DST Root CA X3
-   GlobalSign Root CA - R2
-   Hellenic Academic and Research Institutions RootCA 2011

##### Time zone update to 2022f

Time zone data has been updated to 2022f. This includes changes to Daylight
Savings Time (DST) for Fiji and Mexico. For more information, see
<https://mm.icann.org/pipermail/tz-announce/2022-October/000075.html>.

##### Commits

-   \[[`436a596e99`](nodejs/node@436a596e99)] - **crypto**: update root certificates (Luigi Pinca) [#&#8203;45490](nodejs/node#45490)
-   \[[`4b422d34af`](nodejs/node@4b422d34af)] - **deps**: V8: cherry-pick [`d2db7fa`](nodejs/node@d2db7fa7f786) (Richard Lau) [#&#8203;45785](nodejs/node#45785)
-   \[[`625f4bf3a9`](nodejs/node@625f4bf3a9)] - **deps**: update corepack to 0.15.1 (Node.js GitHub Bot) [#&#8203;45331](nodejs/node#45331)
-   \[[`48a9810de8`](nodejs/node@48a9810de8)] - **deps**: update corepack to 0.15.0 (Node.js GitHub Bot) [#&#8203;45235](nodejs/node#45235)
-   \[[`9f4e64b603`](nodejs/node@9f4e64b603)] - **deps**: update timezone to 2022f (Richard Lau) [#&#8203;45521](nodejs/node#45521)
-   \[[`f297b6bd21`](nodejs/node@f297b6bd21)] - **deps**: update archs files for OpenSSL-1.1.1s (RafaelGSS) [#&#8203;45272](nodejs/node#45272)
-   \[[`11629fef15`](nodejs/node@11629fef15)] - **deps**: upgrade openssl sources to 1.1.1s (RafaelGSS) [#&#8203;45272](nodejs/node#45272)
-   \[[`c3a90c4b44`](nodejs/node@c3a90c4b44)] - **http2**: fix memory leak when nghttp2 hd threshold is reached (rogertyang) [#&#8203;41502](nodejs/node#41502)
-   \[[`785dc3efee`](nodejs/node@785dc3efee)] - **module**: cjs-module-lexer WebAssembly fallback (Guy Bedford) [#&#8203;43612](nodejs/node#43612)
-   \[[`2dbeb889f6`](nodejs/node@2dbeb889f6)] - **node-api**: handle no support for external buffers (Michael Dawson) [#&#8203;45181](nodejs/node#45181)
-   \[[`5b2ea124f3`](nodejs/node@5b2ea124f3)] - **test**: add test to validate changelogs for releases (Richard Lau) [#&#8203;45325](nodejs/node#45325)
-   \[[`f13f889956`](nodejs/node@f13f889956)] - **test**: add a test to ensure the correctness of timezone upgrades (Darshan Sen) [#&#8203;45299](nodejs/node#45299)
-   \[[`5608e6fa72`](nodejs/node@5608e6fa72)] - **tools**: update certdata.txt (Luigi Pinca) [#&#8203;45490](nodejs/node#45490)
-   \[[`d6f1d7107b`](nodejs/node@d6f1d7107b)] - **tools**: have test-asan use ubuntu-20.04 (Filip Skokan) [#&#8203;45581](nodejs/node#45581)
-   \[[`370a00f737`](nodejs/node@370a00f737)] - **tools**: make license-builder.sh comply with shellcheck 0.8.0 (Rich Trott) [#&#8203;41258](nodejs/node#41258)

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNC41NS4wIiwidXBkYXRlZEluVmVyIjoiMzQuNTUuMCJ9-->

Reviewed-on: https://git.walbeck.it/mwalbeck/docker-jellyfin-livestream/pulls/210
Co-authored-by: renovate-bot <bot@walbeck.it>
Co-committed-by: renovate-bot <bot@walbeck.it>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
author ready PRs that have at least one approval, no pending requests for changes, and a CI started. dependencies Pull requests that update a dependency file. needs-ci PRs that need a full CI run. openssl Issues and PRs related to the OpenSSL dependency.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants