[v16.x] deps: update OpenSSL 1.1.1s+quic #45274
Closed
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
nodejs-github-bot
added
dependencies
RafaelGSS
force-pushed
the
openssl-1-1-1s+quic-v16
branch
from
5382481
to
83a863e
Compare
RafaelGSS
added
request-ci
richardlau
approved these changes
Nov 2, 2022
BethGriggs
force-pushed
the
v16.x-staging
branch
from
abd7829
to
499750f
Compare
This was referenced Nov 5, 2022
RafaelGSS
added
the
commit-queue
aduh95
added
author ready
RafaelGSS
force-pushed
the
openssl-1-1-1s+quic-v16
branch
from
83a863e
to
b8083be
Compare
This updates all sources in deps/openssl/openssl by:
$ git clone https://github.com/quictls/openssl
$ cd openssl
$ git checkout OpenSSL_1_1_1s+quic
$ cd ../node/deps/openssl
$ rm -rf openssl
$ cp -R ../openssl openssl
$ rm -rf openssl/.git* openssl/.travis*
$ git add --all openssl
$ git commit openssl
After an OpenSSL source update, all the config files need to be regenerated and committed by: $ make -C deps/openssl/config $ git add deps/openssl/config/archs $ git add deps/openssl/openssl/include/crypto/bn_conf.h $ git add deps/openssl/openssl/include/crypto/dso_conf.h $ git add deps/openssl/openssl/include/openssl/opensslconf.h $ git commit
RafaelGSS
force-pushed
the
openssl-1-1-1s+quic-v16
branch
from
b8083be
to
ed886f5
Compare
|
I had to rebase. |
RafaelGSS
added
request-ci
github-actions
bot
removed
the
request-ci
20 tasks
19 tasks
github-actions
bot
removed
the
request-ci
This was referenced Nov 12, 2022
github-actions
bot
removed
the
request-ci
17 tasks
This was referenced Nov 20, 2022
richardlau
pushed a commit
that referenced
this pull request
Nov 23, 2022
This updates all sources in deps/openssl/openssl by:
$ git clone https://github.com/quictls/openssl
$ cd openssl
$ git checkout OpenSSL_1_1_1s+quic
$ cd ../node/deps/openssl
$ rm -rf openssl
$ cp -R ../openssl openssl
$ rm -rf openssl/.git* openssl/.travis*
$ git add --all openssl
$ git commit openssl
PR-URL: #45274
Refs: https://mta.openssl.org/pipermail/openssl-announce/2022-November/000242.html
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Michael Dawson <midawson@redhat.com>
richardlau
pushed a commit
that referenced
this pull request
Nov 23, 2022
After an OpenSSL source update, all the config files need to be regenerated and committed by: $ make -C deps/openssl/config $ git add deps/openssl/config/archs $ git add deps/openssl/openssl/include/crypto/bn_conf.h $ git add deps/openssl/openssl/include/crypto/dso_conf.h $ git add deps/openssl/openssl/include/openssl/opensslconf.h $ git commit PR-URL: #45274 Refs: https://mta.openssl.org/pipermail/openssl-announce/2022-November/000242.html Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: Michael Dawson <midawson@redhat.com>
|
Landed in ac24c80...7c0da6a. |
Merged
mwalbeck
pushed a commit
to mwalbeck/docker-cyberchef
that referenced
this pull request
Dec 14, 2022
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [node](https://github.com/nodejs/node) | stage | minor | `16.18.1-bullseye` -> `16.19.0-bullseye` | --- ### Release Notes <details> <summary>nodejs/node</summary> ### [`v16.19.0`](https://github.com/nodejs/node/releases/tag/v16.19.0): 2022-12-13, Version 16.19.0 'Gallium' (LTS), @​richardlau [Compare Source](nodejs/node@v16.18.1...v16.19.0) ##### Notable Changes ##### OpenSSL 1.1.1s This update is a bugfix release and does not address any security vulnerabilities. ##### Root certificates updated to NSS 3.85 Certificates added: - Autoridad de Certificacion Firmaprofesional CIF [`A626340`](nodejs/node@A62634068) - Certainly Root E1 - Certainly Root R1 - D-TRUST BR Root CA 1 2020 - D-TRUST EV Root CA 1 2020 - DigiCert TLS ECC P384 Root G5 - DigiCert TLS RSA4096 Root G5 - E-Tugra Global Root CA ECC v3 - E-Tugra Global Root CA RSA v3 - HiPKI Root CA - G1 - ISRG Root X2 - Security Communication ECC RootCA1 - Security Communication RootCA3 - Telia Root CA v2 - vTrus ECC Root CA - vTrus Root CA Certificates removed: - Cybertrust Global Root - DST Root CA X3 - GlobalSign Root CA - R2 - Hellenic Academic and Research Institutions RootCA 2011 ##### Time zone update to 2022f Time zone data has been updated to 2022f. This includes changes to Daylight Savings Time (DST) for Fiji and Mexico. For more information, see <https://mm.icann.org/pipermail/tz-announce/2022-October/000075.html>. ##### Other Notable Changes - \[[`33707dcd03`](nodejs/node@33707dcd03)] - **dgram**: add dgram send queue info (theanarkh) [#​44149](nodejs/node#44149) Dependency updates: - \[[`3b2b70d792`](nodejs/node@3b2b70d792)] - **deps**: upgrade npm to 8.19.3 (npm team) [#​45322](nodejs/node#45322) Experimental features: - \[[`1e0dcd1ee0`](nodejs/node@1e0dcd1ee0)] - **cli**: add `--watch` (Moshe Atlow) [#​44366](nodejs/node#44366) - \[[`8c73279ebb`](nodejs/node@8c73279ebb)] - **util**: add default value option to parsearg (Manuel Spigolon) [#​44631](nodejs/node#44631) ##### Commits - \[[`bbef3c42f6`](nodejs/node@bbef3c42f6)] - **build**: add version info to timezone update PR (Darshan Sen) [#​45021](nodejs/node#45021) - \[[`cc2c7648e0`](nodejs/node@cc2c7648e0)] - **build**: support Python 3.11 (Luigi Pinca) [#​45191](nodejs/node#45191) - \[[`ac24c80663`](nodejs/node@ac24c80663)] - **build**: remove redundant condition from common.gypi (Richard Lau) [#​45076](nodejs/node#45076) - \[[`03dcbe3030`](nodejs/node@03dcbe3030)] - **build**: fix bad upstream merge (Stephen Gallagher) [#​44642](nodejs/node#44642) - \[[`1e0dcd1ee0`](nodejs/node@1e0dcd1ee0)] - **cli**: add `--watch` (Moshe Atlow) [#​44366](nodejs/node#44366) - \[[`96d131665e`](nodejs/node@96d131665e)] - **cluster**: use inspector utils (Moshe Atlow) [#​44592](nodejs/node#44592) - \[[`704836033a`](nodejs/node@704836033a)] - **crypto**: update root certificates (Luigi Pinca) [#​45490](nodejs/node#45490) - \[[`5a776d4a69`](nodejs/node@5a776d4a69)] - **deps**: update timezone to 2022f (Richard Lau) [#​45613](nodejs/node#45613) - \[[`3b2b70d792`](nodejs/node@3b2b70d792)] - **deps**: upgrade npm to 8.19.3 (npm team) [#​45322](nodejs/node#45322) - \[[`9fbc8b21db`](nodejs/node@9fbc8b21db)] - **deps**: update corepack to 0.15.1 (Node.js GitHub Bot) [#​45331](nodejs/node#45331) - \[[`87e3d002ca`](nodejs/node@87e3d002ca)] - **deps**: update corepack to 0.15.0 (Node.js GitHub Bot) [#​45235](nodejs/node#45235) - \[[`e972ff7b13`](nodejs/node@e972ff7b13)] - **deps**: V8: backport [`bbd800c`](nodejs/node@bbd800c6e359) (Chengzhong Wu) [#​44947](nodejs/node#44947) - \[[`af9d8217c0`](nodejs/node@af9d8217c0)] - **deps**: V8: cherry-pick [`b953542`](nodejs/node@b95354290941) (Chengzhong Wu) [#​44947](nodejs/node#44947) - \[[`38202d321b`](nodejs/node@38202d321b)] - **deps**: update undici to 5.12.0 (Node.js GitHub Bot) [#​45236](nodejs/node#45236) - \[[`7c0da6adf9`](nodejs/node@7c0da6adf9)] - **deps**: update archs files for OpenSSL-1.1.1s (RafaelGSS) [#​45274](nodejs/node#45274) - \[[`1149ead6f7`](nodejs/node@1149ead6f7)] - **deps**: upgrade openssl sources to OpenSSL\_1\_1\_1s (RafaelGSS) [#​45274](nodejs/node#45274) - \[[`cd54bce4f5`](nodejs/node@cd54bce4f5)] - **deps**: update timezone (Node.js GitHub Bot) [#​44950](nodejs/node#44950) - \[[`2901abe4f0`](nodejs/node@2901abe4f0)] - **deps**: update undici to 5.11.0 (Node.js GitHub Bot) [#​44929](nodejs/node#44929) - \[[`c80cf97033`](nodejs/node@c80cf97033)] - **deps**: update corepack to 0.14.2 (Node.js GitHub Bot) [#​44775](nodejs/node#44775) - \[[`33707dcd03`](nodejs/node@33707dcd03)] - **dgram**: add dgram send queue info (theanarkh) [#​44149](nodejs/node#44149) - \[[`c708d9bb94`](nodejs/node@c708d9bb94)] - **doc**: fix typo in parseArgs default value (Tobias Nießen) [#​45083](nodejs/node#45083) - \[[`5a0efa05d2`](nodejs/node@5a0efa05d2)] - **node-api**: handle no support for external buffers (Michael Dawson) [#​45181](nodejs/node#45181) - \[[`db31de634e`](nodejs/node@db31de634e)] - **readline**: refactor to avoid unsafe regex primordials (Antoine du Hamel) [#​43475](nodejs/node#43475) - \[[`fbc52e5729`](nodejs/node@fbc52e5729)] - **src**: disambiguate terms used to refer to builtins and addons (Joyee Cheung) [#​44135](nodejs/node#44135) - \[[`953072d3db`](nodejs/node@953072d3db)] - **src**: let http2 streams end after session close (Santiago Gimeno) [#​45153](nodejs/node#45153) - \[[`54608d8dc3`](nodejs/node@54608d8dc3)] - **src**: split property helpers from node::Environment (Chengzhong Wu) [#​44056](nodejs/node#44056) - \[[`6733556783`](nodejs/node@6733556783)] - **test**: add test to validate changelogs for releases (Richard Lau) [#​45325](nodejs/node#45325) - \[[`821d832cef`](nodejs/node@821d832cef)] - **test**: mark test-watch-mode\* as flaky on all platforms (Pierrick Bouvier) [#​45049](nodejs/node#45049) - \[[`02a18eac69`](nodejs/node@02a18eac69)] - **test**: fix test-runner-inspect (Moshe Atlow) [#​44620](nodejs/node#44620) - \[[`197df63f74`](nodejs/node@197df63f74)] - **test**: add a test to ensure the correctness of timezone upgrades (Darshan Sen) [#​45299](nodejs/node#45299) - \[[`42e9d8016a`](nodejs/node@42e9d8016a)] - **test**: fix textdecoder test for small-icu builds (Richard Lau) [#​45225](nodejs/node#45225) - \[[`6d736a56d8`](nodejs/node@6d736a56d8)] - **test**: fix watch mode test flake (Moshe Atlow) [#​44739](nodejs/node#44739) - \[[`543d3d2bf3`](nodejs/node@543d3d2bf3)] - **test**: deflake watch mode tests (Moshe Atlow) [#​44621](nodejs/node#44621) - \[[`97f6caf4eb`](nodejs/node@97f6caf4eb)] - **test**: split watch mode inspector tests to sequential (Moshe Atlow) [#​44551](nodejs/node#44551) - \[[`499750ff7a`](nodejs/node@499750ff7a)] - **test**: update list of known globals (Antoine du Hamel) [#​45255](nodejs/node#45255) - \[[`64d343af74`](nodejs/node@64d343af74)] - **test_runner**: support using `--inspect` with `--test` (Moshe Atlow) [#​44520](nodejs/node#44520) - \[[`99ee5e484d`](nodejs/node@99ee5e484d)] - **test_runner**: fix `duration_ms` to be milliseconds (Moshe Atlow) [#​44450](nodejs/node#44450) - \[[`37e909251c`](nodejs/node@37e909251c)] - **test_runner**: support programmatically running `--test` (Moshe Atlow) [#​44241](nodejs/node#44241) - \[[`0ae5694f88`](nodejs/node@0ae5694f88)] - **tools**: update certdata.txt (Luigi Pinca) [#​45490](nodejs/node#45490) - \[[`891368cefd`](nodejs/node@891368cefd)] - **tools**: remove faulty early termination logic from update-timezone.mjs (Darshan Sen) [#​44870](nodejs/node#44870) - \[[`543493c242`](nodejs/node@543493c242)] - **tools**: fix timezone update tool (Darshan Sen) [#​44870](nodejs/node#44870) - \[[`c77f660b75`](nodejs/node@c77f660b75)] - **tools**: fix `create-or-update-pull-request-action` hash on GHA (Antoine du Hamel) [#​45166](nodejs/node#45166) - \[[`58c30dd049`](nodejs/node@58c30dd049)] - **tools**: update gr2m/create-or-update-pull-request-action (Luigi Pinca) [#​45022](nodejs/node#45022) - \[[`749a4b3e5e`](nodejs/node@749a4b3e5e)] - **tools**: use Python 3.11 in GitHub Actions workflows (Luigi Pinca) [#​45191](nodejs/node#45191) - \[[`6f541d99a5`](nodejs/node@6f541d99a5)] - **tools**: have test-asan use ubuntu-20.04 (Filip Skokan) [#​45581](nodejs/node#45581) - \[[`e7ed56f501`](nodejs/node@e7ed56f501)] - **tools**: make license-builder.sh comply with shellcheck 0.8.0 (Rich Trott) [#​41258](nodejs/node#41258) - \[[`cc819b4bf8`](nodejs/node@cc819b4bf8)] - **tools**: fix typo in `avoid-prototype-pollution` lint rule (Antoine du Hamel) [#​44446](nodejs/node#44446) - \[[`254358c81e`](nodejs/node@254358c81e)] - **tools**: refactor `avoid-prototype-pollution` lint rule (Antoine du Hamel) [#​43476](nodejs/node#43476) - \[[`8c73279ebb`](nodejs/node@8c73279ebb)] - **util**: add default value option to parsearg (Manuel Spigolon) [#​44631](nodejs/node#44631) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNC41NS4wIiwidXBkYXRlZEluVmVyIjoiMzQuNTUuMCJ9--> Reviewed-on: https://git.walbeck.it/mwalbeck/docker-cyberchef/pulls/143 Co-authored-by: renovate-bot <bot@walbeck.it> Co-committed-by: renovate-bot <bot@walbeck.it>
guangwong
pushed a commit
to noslate-project/node
that referenced
this pull request
Jan 3, 2023
This updates all sources in deps/openssl/openssl by:
$ git clone https://github.com/quictls/openssl
$ cd openssl
$ git checkout OpenSSL_1_1_1s+quic
$ cd ../node/deps/openssl
$ rm -rf openssl
$ cp -R ../openssl openssl
$ rm -rf openssl/.git* openssl/.travis*
$ git add --all openssl
$ git commit openssl
PR-URL: nodejs/node#45274
Refs: https://mta.openssl.org/pipermail/openssl-announce/2022-November/000242.html
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Michael Dawson <midawson@redhat.com>
guangwong
pushed a commit
to noslate-project/node
that referenced
this pull request
Jan 3, 2023
After an OpenSSL source update, all the config files need to be regenerated and committed by: $ make -C deps/openssl/config $ git add deps/openssl/config/archs $ git add deps/openssl/openssl/include/crypto/bn_conf.h $ git add deps/openssl/openssl/include/crypto/dso_conf.h $ git add deps/openssl/openssl/include/openssl/opensslconf.h $ git commit PR-URL: nodejs/node#45274 Refs: https://mta.openssl.org/pipermail/openssl-announce/2022-November/000242.html Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: Michael Dawson <midawson@redhat.com>
guangwong
pushed a commit
to noslate-project/node
that referenced
this pull request
Jan 3, 2023
This updates all sources in deps/openssl/openssl by:
$ git clone https://github.com/quictls/openssl
$ cd openssl
$ git checkout OpenSSL_1_1_1s+quic
$ cd ../node/deps/openssl
$ rm -rf openssl
$ cp -R ../openssl openssl
$ rm -rf openssl/.git* openssl/.travis*
$ git add --all openssl
$ git commit openssl
PR-URL: nodejs/node#45274
Refs: https://mta.openssl.org/pipermail/openssl-announce/2022-November/000242.html
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Michael Dawson <midawson@redhat.com>
guangwong
pushed a commit
to noslate-project/node
that referenced
this pull request
Jan 3, 2023
After an OpenSSL source update, all the config files need to be regenerated and committed by: $ make -C deps/openssl/config $ git add deps/openssl/config/archs $ git add deps/openssl/openssl/include/crypto/bn_conf.h $ git add deps/openssl/openssl/include/crypto/dso_conf.h $ git add deps/openssl/openssl/include/openssl/opensslconf.h $ git commit PR-URL: nodejs/node#45274 Refs: https://mta.openssl.org/pipermail/openssl-announce/2022-November/000242.html Reviewed-By: Richard Lau <rlau@redhat.com> Reviewed-By: Michael Dawson <midawson@redhat.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Updated openssl dep to openssl-1.1.1s+quic using the maintenance guide.
Refs: https://mta.openssl.org/pipermail/openssl-announce/2022-November/000242.html