On 02/12/2018 01:08 PM, [email protected] wrote: > I'm working with the pyro release, and noticed that it's still using > openssl 1.0.2k. The latest version in the 1.0.2 series is 1.0.2n, which is > already available on master. Is there a reason that the newer version > hasn't made it back to pyro (or rocko, which is on 1.0.2m)? openssl 1.1 was added and the openssl files got restructured making simple cherry-picking not an option for older releases.
1.0.2n hit master 7 days ago, sorry for the delay. 1.0.2n is now in stable/rocko-next and will migrate to rocko when appropriate. > I know new > package versions are not normally backported, but looking at the change > log, I only see one change mentioned that is not a CVE fix (the 1.0.2l > release): > > https://urldefense.proofpoint.com/v2/url?u=https-3A__git.openssl.org_-3Fp-3Dopenssl.git-3Ba-3Dblob-3Bf-3DCHANGES-3Bh-3Df2fc31a25c54b12fc7db40c03d39f9a68b9ec0e5-3Bhb-3De5bba24cd8bb3e5127a578b85c6edf013a38ea6d&d=DwIBAg&c=zVFQZQ67ypsA9mYKSCqWmQHiVkCCaN-Gb60_N6TVnLk&r=ak_pMnzuMKndrbvJGok-seoFenjTGhP3oPNUzKUOwzHhGpNMwSJsaHunyXDlBGjO&m=3JjPoO2FeIBSz3wggiqKGtYceKB5t__oSe8p6yDsQfM&s=oeCHfmZkkXVFW1aoMZsolXeFvKI9RTUtbdGBj61kheQ&e= > > I can send patches to bring 1.0.2n to rocko and pyro if they will be > accepted. patches welcome - Armin > > Thanks, > Robert -- _______________________________________________ Openembedded-core mailing list [email protected] http://lists.openembedded.org/mailman/listinfo/openembedded-core
