public inbox for devel@edk2.groups.io
 help / color / mirror / Atom feed
* [PATCH] CryptoPkg/OpensslLib: Upgrade OpenSSL to 1.1.1j
@ 2021-03-18  5:51 Liu, WeiX C
  2021-03-18  6:24 ` Wang, Jian J
  0 siblings, 1 reply; 4+ messages in thread
From: Liu, WeiX C @ 2021-03-18  5:51 UTC (permalink / raw)
  To: devel; +Cc: Liu Wei, Jian J Wang

From: Liu Wei <weix.c.liu@intel.com>

Update openssl from 1.1.1g to 1.1.1j. Current OpenSSL version
1.1.1g contains the vulnerabilities of CVE-2021-23841 and
CVE-2021-23840. The related vulnerable API EVP_DecryptUpdate
are used in drivers.

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3266

Besides, the opensslconf.h automatically generated in UNIX
format by process_files.pl.

Cc: Jian J Wang <jian.j.wang@intel.com>
Signed-off-by: Liu Wei <weix.c.liu@intel.com>
---
 CryptoPkg/Library/Include/openssl/opensslconf.h | 7 ++++++-
 CryptoPkg/Library/OpensslLib/openssl            | 2 +-
 2 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/CryptoPkg/Library/Include/openssl/opensslconf.h b/CryptoPkg/Library/Include/openssl/opensslconf.h
index 3a2544e..f9a73e9 100644
--- a/CryptoPkg/Library/Include/openssl/opensslconf.h
+++ b/CryptoPkg/Library/Include/openssl/opensslconf.h
@@ -2,7 +2,7 @@
  * WARNING: do not edit!
  * Generated from include/openssl/opensslconf.h.in
  *
- * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the OpenSSL license (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -268,6 +268,11 @@ extern "C" {
 #   undef DECLARE_DEPRECATED
 #   define DECLARE_DEPRECATED(f)    f __attribute__ ((deprecated));
 #  endif
+# elif defined(__SUNPRO_C)
+#  if (__SUNPRO_C >= 0x5130)
+#   undef DECLARE_DEPRECATED
+#   define DECLARE_DEPRECATED(f)    f __attribute__ ((deprecated));
+#  endif
 # endif
 #endif
 
diff --git a/CryptoPkg/Library/OpensslLib/openssl b/CryptoPkg/Library/OpensslLib/openssl
index e2e09d9..52c587d 160000
--- a/CryptoPkg/Library/OpensslLib/openssl
+++ b/CryptoPkg/Library/OpensslLib/openssl
@@ -1 +1 @@
-Subproject commit e2e09d9fba1187f8d6aafaa34d4172f56f1ffb72
+Subproject commit 52c587d60be67c337364b830dd3fdc15404a2f04
-- 
2.7.4


^ permalink raw reply related	[flat|nested] 4+ messages in thread

* Re: [PATCH] CryptoPkg/OpensslLib: Upgrade OpenSSL to 1.1.1j
  2021-03-18  5:51 [PATCH] CryptoPkg/OpensslLib: Upgrade OpenSSL to 1.1.1j Liu, WeiX C
@ 2021-03-18  6:24 ` Wang, Jian J
  2021-03-22  5:55   ` Liu, WeiX C
  0 siblings, 1 reply; 4+ messages in thread
From: Wang, Jian J @ 2021-03-18  6:24 UTC (permalink / raw)
  To: Liu, WeiX C, devel@edk2.groups.io

Hi Liu Wei,

Thanks for upgrading the openssl lib. Please fix the line ending issue. It's required
by edk2 coding style that the line ending must Windows style.


Regards,
Jian

> -----Original Message-----
> From: Liu, WeiX C <weix.c.liu@intel.com>
> Sent: Thursday, March 18, 2021 1:51 PM
> To: devel@edk2.groups.io
> Cc: Liu, WeiX C <weix.c.liu@intel.com>; Wang, Jian J <jian.j.wang@intel.com>
> Subject: [PATCH] CryptoPkg/OpensslLib: Upgrade OpenSSL to 1.1.1j
> 
> From: Liu Wei <weix.c.liu@intel.com>
> 
> Update openssl from 1.1.1g to 1.1.1j. Current OpenSSL version
> 1.1.1g contains the vulnerabilities of CVE-2021-23841 and
> CVE-2021-23840. The related vulnerable API EVP_DecryptUpdate
> are used in drivers.
> 
> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3266
> 
> Besides, the opensslconf.h automatically generated in UNIX
> format by process_files.pl.
> 
> Cc: Jian J Wang <jian.j.wang@intel.com>
> Signed-off-by: Liu Wei <weix.c.liu@intel.com>
> ---
>  CryptoPkg/Library/Include/openssl/opensslconf.h | 7 ++++++-
>  CryptoPkg/Library/OpensslLib/openssl            | 2 +-
>  2 files changed, 7 insertions(+), 2 deletions(-)
> 
> diff --git a/CryptoPkg/Library/Include/openssl/opensslconf.h
> b/CryptoPkg/Library/Include/openssl/opensslconf.h
> index 3a2544e..f9a73e9 100644
> --- a/CryptoPkg/Library/Include/openssl/opensslconf.h
> +++ b/CryptoPkg/Library/Include/openssl/opensslconf.h
> @@ -2,7 +2,7 @@
>   * WARNING: do not edit!
> 
>   * Generated from include/openssl/opensslconf.h.in
> 
>   *
> 
> - * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
> 
> + * Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
> 
>   *
> 
>   * Licensed under the OpenSSL license (the "License").  You may not use
> 
>   * this file except in compliance with the License.  You can obtain a copy
> 
> @@ -268,6 +268,11 @@ extern "C" {
>  #   undef DECLARE_DEPRECATED
> 
>  #   define DECLARE_DEPRECATED(f)    f __attribute__ ((deprecated));
> 
>  #  endif
> 
> +# elif defined(__SUNPRO_C)
> 
> +#  if (__SUNPRO_C >= 0x5130)
> 
> +#   undef DECLARE_DEPRECATED
> 
> +#   define DECLARE_DEPRECATED(f)    f __attribute__ ((deprecated));
> 
> +#  endif
> 
>  # endif
> 
>  #endif
> 
> 
> 
> diff --git a/CryptoPkg/Library/OpensslLib/openssl
> b/CryptoPkg/Library/OpensslLib/openssl
> index e2e09d9..52c587d 160000
> --- a/CryptoPkg/Library/OpensslLib/openssl
> +++ b/CryptoPkg/Library/OpensslLib/openssl
> @@ -1 +1 @@
> -Subproject commit e2e09d9fba1187f8d6aafaa34d4172f56f1ffb72
> +Subproject commit 52c587d60be67c337364b830dd3fdc15404a2f04
> --
> 2.7.4


^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [PATCH] CryptoPkg/OpensslLib: Upgrade OpenSSL to 1.1.1j
  2021-03-18  6:24 ` Wang, Jian J
@ 2021-03-22  5:55   ` Liu, WeiX C
  2021-03-22  6:21     ` Wang, Jian J
  0 siblings, 1 reply; 4+ messages in thread
From: Liu, WeiX C @ 2021-03-22  5:55 UTC (permalink / raw)
  To: Wang, Jian J, devel@edk2.groups.io

Hi Wang Jian,

The format is caused by git, the original patch file has no EOL issue.

Thanks & BRs,
LIUWEI 

-----Original Message-----
From: Wang, Jian J <jian.j.wang@intel.com> 
Sent: 2021年3月18日 14:24
To: Liu, WeiX C <weix.c.liu@intel.com>; devel@edk2.groups.io
Subject: RE: [PATCH] CryptoPkg/OpensslLib: Upgrade OpenSSL to 1.1.1j

Hi Liu Wei,

Thanks for upgrading the openssl lib. Please fix the line ending issue. It's required by edk2 coding style that the line ending must Windows style.


Regards,
Jian

> -----Original Message-----
> From: Liu, WeiX C <weix.c.liu@intel.com>
> Sent: Thursday, March 18, 2021 1:51 PM
> To: devel@edk2.groups.io
> Cc: Liu, WeiX C <weix.c.liu@intel.com>; Wang, Jian J 
> <jian.j.wang@intel.com>
> Subject: [PATCH] CryptoPkg/OpensslLib: Upgrade OpenSSL to 1.1.1j
> 
> From: Liu Wei <weix.c.liu@intel.com>
> 
> Update openssl from 1.1.1g to 1.1.1j. Current OpenSSL version 1.1.1g 
> contains the vulnerabilities of CVE-2021-23841 and CVE-2021-23840. The 
> related vulnerable API EVP_DecryptUpdate are used in drivers.
> 
> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3266
> 
> Besides, the opensslconf.h automatically generated in UNIX format by 
> process_files.pl.
> 
> Cc: Jian J Wang <jian.j.wang@intel.com>
> Signed-off-by: Liu Wei <weix.c.liu@intel.com>
> ---
>  CryptoPkg/Library/Include/openssl/opensslconf.h | 7 ++++++-
>  CryptoPkg/Library/OpensslLib/openssl            | 2 +-
>  2 files changed, 7 insertions(+), 2 deletions(-)
> 
> diff --git a/CryptoPkg/Library/Include/openssl/opensslconf.h
> b/CryptoPkg/Library/Include/openssl/opensslconf.h
> index 3a2544e..f9a73e9 100644
> --- a/CryptoPkg/Library/Include/openssl/opensslconf.h
> +++ b/CryptoPkg/Library/Include/openssl/opensslconf.h
> @@ -2,7 +2,7 @@
>   * WARNING: do not edit!
> 
>   * Generated from include/openssl/opensslconf.h.in
> 
>   *
> 
> - * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
> 
> + * Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
> 
>   *
> 
>   * Licensed under the OpenSSL license (the "License").  You may not 
> use
> 
>   * this file except in compliance with the License.  You can obtain a 
> copy
> 
> @@ -268,6 +268,11 @@ extern "C" {
>  #   undef DECLARE_DEPRECATED
> 
>  #   define DECLARE_DEPRECATED(f)    f __attribute__ ((deprecated));
> 
>  #  endif
> 
> +# elif defined(__SUNPRO_C)
> 
> +#  if (__SUNPRO_C >= 0x5130)
> 
> +#   undef DECLARE_DEPRECATED
> 
> +#   define DECLARE_DEPRECATED(f)    f __attribute__ ((deprecated));
> 
> +#  endif
> 
>  # endif
> 
>  #endif
> 
> 
> 
> diff --git a/CryptoPkg/Library/OpensslLib/openssl
> b/CryptoPkg/Library/OpensslLib/openssl
> index e2e09d9..52c587d 160000
> --- a/CryptoPkg/Library/OpensslLib/openssl
> +++ b/CryptoPkg/Library/OpensslLib/openssl
> @@ -1 +1 @@
> -Subproject commit e2e09d9fba1187f8d6aafaa34d4172f56f1ffb72
> +Subproject commit 52c587d60be67c337364b830dd3fdc15404a2f04
> --
> 2.7.4


^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [PATCH] CryptoPkg/OpensslLib: Upgrade OpenSSL to 1.1.1j
  2021-03-22  5:55   ` Liu, WeiX C
@ 2021-03-22  6:21     ` Wang, Jian J
  0 siblings, 0 replies; 4+ messages in thread
From: Wang, Jian J @ 2021-03-22  6:21 UTC (permalink / raw)
  To: Liu, WeiX C, devel@edk2.groups.io

Hi Wei,

I see. Please fix the git issue to avoid such issue to happen again.

Reviewed-by: Jian J Wang <jian.j.wang@intel.com>

Regards,
Jian

> -----Original Message-----
> From: Liu, WeiX C <weix.c.liu@intel.com>
> Sent: Monday, March 22, 2021 1:56 PM
> To: Wang, Jian J <jian.j.wang@intel.com>; devel@edk2.groups.io
> Subject: RE: [PATCH] CryptoPkg/OpensslLib: Upgrade OpenSSL to 1.1.1j
> 
> Hi Wang Jian,
> 
> The format is caused by git, the original patch file has no EOL issue.
> 
> Thanks & BRs,
> LIUWEI
> 
> -----Original Message-----
> From: Wang, Jian J <jian.j.wang@intel.com>
> Sent: 2021年3月18日 14:24
> To: Liu, WeiX C <weix.c.liu@intel.com>; devel@edk2.groups.io
> Subject: RE: [PATCH] CryptoPkg/OpensslLib: Upgrade OpenSSL to 1.1.1j
> 
> Hi Liu Wei,
> 
> Thanks for upgrading the openssl lib. Please fix the line ending issue. It's required
> by edk2 coding style that the line ending must Windows style.
> 
> 
> Regards,
> Jian
> 
> > -----Original Message-----
> > From: Liu, WeiX C <weix.c.liu@intel.com>
> > Sent: Thursday, March 18, 2021 1:51 PM
> > To: devel@edk2.groups.io
> > Cc: Liu, WeiX C <weix.c.liu@intel.com>; Wang, Jian J
> > <jian.j.wang@intel.com>
> > Subject: [PATCH] CryptoPkg/OpensslLib: Upgrade OpenSSL to 1.1.1j
> >
> > From: Liu Wei <weix.c.liu@intel.com>
> >
> > Update openssl from 1.1.1g to 1.1.1j. Current OpenSSL version 1.1.1g
> > contains the vulnerabilities of CVE-2021-23841 and CVE-2021-23840. The
> > related vulnerable API EVP_DecryptUpdate are used in drivers.
> >
> > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3266
> >
> > Besides, the opensslconf.h automatically generated in UNIX format by
> > process_files.pl.
> >
> > Cc: Jian J Wang <jian.j.wang@intel.com>
> > Signed-off-by: Liu Wei <weix.c.liu@intel.com>
> > ---
> >  CryptoPkg/Library/Include/openssl/opensslconf.h | 7 ++++++-
> >  CryptoPkg/Library/OpensslLib/openssl            | 2 +-
> >  2 files changed, 7 insertions(+), 2 deletions(-)
> >
> > diff --git a/CryptoPkg/Library/Include/openssl/opensslconf.h
> > b/CryptoPkg/Library/Include/openssl/opensslconf.h
> > index 3a2544e..f9a73e9 100644
> > --- a/CryptoPkg/Library/Include/openssl/opensslconf.h
> > +++ b/CryptoPkg/Library/Include/openssl/opensslconf.h
> > @@ -2,7 +2,7 @@
> >   * WARNING: do not edit!
> >
> >   * Generated from include/openssl/opensslconf.h.in
> >
> >   *
> >
> > - * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved.
> >
> > + * Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
> >
> >   *
> >
> >   * Licensed under the OpenSSL license (the "License").  You may not
> > use
> >
> >   * this file except in compliance with the License.  You can obtain a
> > copy
> >
> > @@ -268,6 +268,11 @@ extern "C" {
> >  #   undef DECLARE_DEPRECATED
> >
> >  #   define DECLARE_DEPRECATED(f)    f __attribute__ ((deprecated));
> >
> >  #  endif
> >
> > +# elif defined(__SUNPRO_C)
> >
> > +#  if (__SUNPRO_C >= 0x5130)
> >
> > +#   undef DECLARE_DEPRECATED
> >
> > +#   define DECLARE_DEPRECATED(f)    f __attribute__ ((deprecated));
> >
> > +#  endif
> >
> >  # endif
> >
> >  #endif
> >
> >
> >
> > diff --git a/CryptoPkg/Library/OpensslLib/openssl
> > b/CryptoPkg/Library/OpensslLib/openssl
> > index e2e09d9..52c587d 160000
> > --- a/CryptoPkg/Library/OpensslLib/openssl
> > +++ b/CryptoPkg/Library/OpensslLib/openssl
> > @@ -1 +1 @@
> > -Subproject commit e2e09d9fba1187f8d6aafaa34d4172f56f1ffb72
> > +Subproject commit 52c587d60be67c337364b830dd3fdc15404a2f04
> > --
> > 2.7.4


^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2021-03-22  6:21 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2021-03-18  5:51 [PATCH] CryptoPkg/OpensslLib: Upgrade OpenSSL to 1.1.1j Liu, WeiX C
2021-03-18  6:24 ` Wang, Jian J
2021-03-22  5:55   ` Liu, WeiX C
2021-03-22  6:21     ` Wang, Jian J

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox