From: "Wang, Jian J" <jian.j.wang@intel.com>
To: "Liu, WeiX C" <weix.c.liu@intel.com>,
"devel@edk2.groups.io" <devel@edk2.groups.io>
Subject: Re: [PATCH] CryptoPkg/OpensslLib: Upgrade OpenSSL to 1.1.1j
Date: Thu, 18 Mar 2021 06:24:26 +0000 [thread overview]
Message-ID: <CO1PR11MB49454B3EEC6285916B63BAEAB6699@CO1PR11MB4945.namprd11.prod.outlook.com> (raw)
In-Reply-To: <20210318055117.2059-1-weix.c.liu@intel.com>
Hi Liu Wei,
Thanks for upgrading the openssl lib. Please fix the line ending issue. It's required
by edk2 coding style that the line ending must Windows style.
Regards,
Jian
> -----Original Message-----
> From: Liu, WeiX C <weix.c.liu@intel.com>
> Sent: Thursday, March 18, 2021 1:51 PM
> To: devel@edk2.groups.io
> Cc: Liu, WeiX C <weix.c.liu@intel.com>; Wang, Jian J <jian.j.wang@intel.com>
> Subject: [PATCH] CryptoPkg/OpensslLib: Upgrade OpenSSL to 1.1.1j
>
> From: Liu Wei <weix.c.liu@intel.com>
>
> Update openssl from 1.1.1g to 1.1.1j. Current OpenSSL version
> 1.1.1g contains the vulnerabilities of CVE-2021-23841 and
> CVE-2021-23840. The related vulnerable API EVP_DecryptUpdate
> are used in drivers.
>
> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3266
>
> Besides, the opensslconf.h automatically generated in UNIX
> format by process_files.pl.
>
> Cc: Jian J Wang <jian.j.wang@intel.com>
> Signed-off-by: Liu Wei <weix.c.liu@intel.com>
> ---
> CryptoPkg/Library/Include/openssl/opensslconf.h | 7 ++++++-
> CryptoPkg/Library/OpensslLib/openssl | 2 +-
> 2 files changed, 7 insertions(+), 2 deletions(-)
>
> diff --git a/CryptoPkg/Library/Include/openssl/opensslconf.h
> b/CryptoPkg/Library/Include/openssl/opensslconf.h
> index 3a2544e..f9a73e9 100644
> --- a/CryptoPkg/Library/Include/openssl/opensslconf.h
> +++ b/CryptoPkg/Library/Include/openssl/opensslconf.h
> @@ -2,7 +2,7 @@
> * WARNING: do not edit!
>
> * Generated from include/openssl/opensslconf.h.in
>
> *
>
> - * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
>
> + * Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
>
> *
>
> * Licensed under the OpenSSL license (the "License"). You may not use
>
> * this file except in compliance with the License. You can obtain a copy
>
> @@ -268,6 +268,11 @@ extern "C" {
> # undef DECLARE_DEPRECATED
>
> # define DECLARE_DEPRECATED(f) f __attribute__ ((deprecated));
>
> # endif
>
> +# elif defined(__SUNPRO_C)
>
> +# if (__SUNPRO_C >= 0x5130)
>
> +# undef DECLARE_DEPRECATED
>
> +# define DECLARE_DEPRECATED(f) f __attribute__ ((deprecated));
>
> +# endif
>
> # endif
>
> #endif
>
>
>
> diff --git a/CryptoPkg/Library/OpensslLib/openssl
> b/CryptoPkg/Library/OpensslLib/openssl
> index e2e09d9..52c587d 160000
> --- a/CryptoPkg/Library/OpensslLib/openssl
> +++ b/CryptoPkg/Library/OpensslLib/openssl
> @@ -1 +1 @@
> -Subproject commit e2e09d9fba1187f8d6aafaa34d4172f56f1ffb72
> +Subproject commit 52c587d60be67c337364b830dd3fdc15404a2f04
> --
> 2.7.4
next prev parent reply other threads:[~2021-03-18 6:24 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-03-18 5:51 [PATCH] CryptoPkg/OpensslLib: Upgrade OpenSSL to 1.1.1j Liu, WeiX C
2021-03-18 6:24 ` Wang, Jian J [this message]
2021-03-22 5:55 ` Liu, WeiX C
2021-03-22 6:21 ` Wang, Jian J
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CO1PR11MB49454B3EEC6285916B63BAEAB6699@CO1PR11MB4945.namprd11.prod.outlook.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox