Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings
forked frompython/cpython

Commite5bc753

Browse files
gpsheadzooba
authored andcommitted
pythongh-101726: Update the OpenSSL version to 1.1.1t (pythonGH-101727)
FixesCVE-2023-0286 (High) and a couple of Medium security issues.https://www.openssl.org/news/secadv/20230207.txt
1 parentc7fdc9c commite5bc753

File tree

9 files changed

+36
-21
lines changed

9 files changed

+36
-21
lines changed

‎.azure-pipelines/ci.yml‎

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -61,7 +61,7 @@ jobs:
6161
variables:
6262
testRunTitle:'$(build.sourceBranchName)-linux'
6363
testRunPlatform:linux
64-
openssl_version:1.1.1n
64+
openssl_version:1.1.1t
6565

6666
steps:
6767
-template:./posix-steps.yml
@@ -118,7 +118,7 @@ jobs:
118118
variables:
119119
testRunTitle:'$(Build.SourceBranchName)-linux-coverage'
120120
testRunPlatform:linux-coverage
121-
openssl_version:1.1.1n
121+
openssl_version:1.1.1t
122122

123123
steps:
124124
-template:./posix-steps.yml

‎.azure-pipelines/pr.yml‎

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -61,7 +61,7 @@ jobs:
6161
variables:
6262
testRunTitle:'$(system.pullRequest.TargetBranch)-linux'
6363
testRunPlatform:linux
64-
openssl_version:1.1.1n
64+
openssl_version:1.1.1t
6565

6666
steps:
6767
-template:./posix-steps.yml
@@ -118,7 +118,7 @@ jobs:
118118
variables:
119119
testRunTitle:'$(Build.SourceBranchName)-linux-coverage'
120120
testRunPlatform:linux-coverage
121-
openssl_version:1.1.1n
121+
openssl_version:1.1.1t
122122

123123
steps:
124124
-template:./posix-steps.yml

‎.github/workflows/build.yml‎

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -142,7 +142,7 @@ jobs:
142142
needs:check_source
143143
if:needs.check_source.outputs.run_tests == 'true'
144144
env:
145-
OPENSSL_VER:1.1.1n
145+
OPENSSL_VER:1.1.1t
146146
steps:
147147
-uses:actions/checkout@v2
148148
-name:Install Dependencies

‎Mac/BuildScript/build-installer.py‎

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -209,9 +209,9 @@ def library_recipes():
209209

210210
result.extend([
211211
dict(
212-
name="OpenSSL 1.1.1n",
213-
url="https://www.openssl.org/source/openssl-1.1.1n.tar.gz",
214-
checksum='2aad5635f9bb338bc2c6b7d19cbc9676',
212+
name="OpenSSL 1.1.1t",
213+
url="https://www.openssl.org/source/openssl-1.1.1t.tar.gz",
214+
checksum='8dee9b24bdb1dcbf0c3d1e9b02fb8f6bf22165e807f45adeb7c9677536859d3b',
215215
buildrecipe=build_universal_openssl,
216216
configure=None,
217217
install=None,
Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,4 @@
1+
Updated the OpenSSL version used in Windows and macOS binary release builds
2+
to 1.1.1t to address CVE-2023-0286, CVE-2022-4303, and CVE-2022-4303 per
3+
`the OpenSSL 2023-02-07 security advisory
4+
<https://www.openssl.org/news/secadv/20230207.txt>`_.

‎PCbuild/get_externals.bat‎

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -49,7 +49,7 @@ echo.Fetching external libraries...
4949

5050
setlibraries=
5151
setlibraries=%libraries% bzip2-1.0.8
52-
ifNOT"%IncludeSSLSrc%"=="false"setlibraries=%libraries% openssl-1.1.1s
52+
ifNOT"%IncludeSSLSrc%"=="false"setlibraries=%libraries% openssl-1.1.1t
5353
setlibraries=%libraries% sqlite-3.31.1.0
5454
ifNOT"%IncludeTkinterSrc%"=="false"setlibraries=%libraries% tcl-core-8.6.9.0
5555
ifNOT"%IncludeTkinterSrc%"=="false"setlibraries=%libraries% tk-8.6.9.0
@@ -72,7 +72,7 @@ for %%e in (%libraries%) do (
7272
echo.Fetching external binaries...
7373

7474
setbinaries=
75-
ifNOT"%IncludeSSL%"=="false"setbinaries=%binaries% openssl-bin-1.1.1s
75+
ifNOT"%IncludeSSL%"=="false"setbinaries=%binaries% openssl-bin-1.1.1t
7676
ifNOT"%IncludeTkinter%"=="false"setbinaries=%binaries% tcltk-8.6.9.0
7777
ifNOT"%IncludeSSLSrc%"=="false"setbinaries=%binaries% nasm-2.11.06
7878

‎PCbuild/python.props‎

Lines changed: 16 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -46,15 +46,22 @@
4646
<ExternalsDir>$(EXTERNALS_DIR)</ExternalsDir>
4747
<ExternalsDirCondition="$(ExternalsDir) == ''">$([System.IO.Path]::GetFullPath(`$(PySourcePath)externals`))</ExternalsDir>
4848
<ExternalsDirCondition="!HasTrailingSlash($(ExternalsDir))">$(ExternalsDir)\</ExternalsDir>
49-
<sqlite3Dir>$(ExternalsDir)sqlite-3.31.1.0\</sqlite3Dir>
50-
<bz2Dir>$(ExternalsDir)bzip2-1.0.8\</bz2Dir>
51-
<lzmaDir>$(ExternalsDir)xz-5.2.2\</lzmaDir>
52-
<opensslDir>$(ExternalsDir)openssl-1.1.1s\</opensslDir>
53-
<opensslOutDir>$(ExternalsDir)openssl-bin-1.1.1s\$(ArchName)\</opensslOutDir>
54-
<opensslIncludeDir>$(opensslOutDir)include</opensslIncludeDir>
55-
<nasmDir>$(ExternalsDir)\nasm-2.11.06\</nasmDir>
56-
<zlibDir>$(ExternalsDir)\zlib-1.2.12\</zlibDir>
57-
49+
</PropertyGroup>
50+
51+
<ImportProject="$(ExternalProps)"Condition="$(ExternalProps) != '' and Exists('$(ExternalProps)')" />
52+
53+
<PropertyGroup>
54+
<sqlite3DirCondition="$(sqlite3Dir) == ''">$(ExternalsDir)sqlite-3.31.1.0\</sqlite3Dir>
55+
<bz2DirCondition="$(bz2Dir) == ''">$(ExternalsDir)bzip2-1.0.8\</bz2Dir>
56+
<lzmaDirCondition="$(lzmaDir) == ''">$(ExternalsDir)xz-5.2.2\</lzmaDir>
57+
<opensslDirCondition="$(opensslDir) == ''">$(ExternalsDir)openssl-1.1.1t\</opensslDir>
58+
<opensslOutDirCondition="$(opensslOutDir) == ''">$(ExternalsDir)openssl-bin-1.1.1t\$(ArchName)\</opensslOutDir>
59+
<opensslIncludeDirCondition="$(opensslIncludeDir) == ''">$(opensslOutDir)include</opensslIncludeDir>
60+
<nasmDirCondition="$(nasmDir) == ''">$(ExternalsDir)\nasm-2.11.06\</nasmDir>
61+
<zlibDirCondition="$(zlibDir) == ''">$(ExternalsDir)\zlib-1.2.12\</zlibDir>
62+
</PropertyGroup>
63+
64+
<PropertyGroup>
5865
<!-- Suffix for all binaries when building for debug-->
5966
<PyDebugExtCondition="'$(PyDebugExt)' == '' and $(Configuration) == 'Debug'">_d</PyDebugExt>
6067

‎PCbuild/readme.txt‎

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -165,7 +165,11 @@ _lzma
165165
Homepage:
166166
http://tukaani.org/xz/
167167
_ssl
168+
<<<<<<< HEAD
168169
Python wrapper for version 1.1.1c of the OpenSSL secure sockets
170+
=======
171+
Python wrapper for version 1.1.1t of the OpenSSL secure sockets
172+
>>>>>>> f42aca4d8d (gh-101726: Update the OpenSSL version to 1.1.1t (GH-101727))
169173
library, which is downloaded from our binaries repository at
170174
https://github.com/python/cpython-bin-deps.
171175

‎Tools/ssl/multissltests.py‎

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -48,8 +48,8 @@
4848
]
4949

5050
OPENSSL_RECENT_VERSIONS= [
51-
"1.1.1n",
52-
#"3.0.0-alpha2"
51+
"1.1.1t",
52+
"3.0.8"
5353
]
5454

5555
LIBRESSL_OLD_VERSIONS= [

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp