Upgrade openssl version to 1.1.1n to address CVE-2022-0778 #228
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
marcoemorais-aws
suggested changes
Mar 18, 2022
| @@ -31,9 +31,9 @@ RUN curl -sSL https://github.com/Kitware/CMake/releases/download/v3.10.0/cmake-3 | |||
| # Install OpenSSL 1.1.1 | |||
There was a problem hiding this comment.
@BolongZhang-AWS Can you build each of the 3 container images locally and push to docker.pkg.github.com/awslabs/aws-iot-device-client/{ubi8|ubuntu-16-x64|amazonlinux} so that the CI builds are run inside of the containers containing the new dependencies? I am sending you a dm with the details for how to publish.
There was a problem hiding this comment.
Addressed this comment with additional commits on this PR.
shangabl
previously approved these changes
Mar 18, 2022
…bff882014bcc57fd5348f758397bc
HarshGandhi-AWS
approved these changes
Mar 18, 2022
shangabl
approved these changes
Mar 18, 2022
marcoemorais-aws
approved these changes
Mar 18, 2022
joenghoyin
pushed a commit
to eguanatech/aws-iot-device-client-deprecated
that referenced
this pull request
Aug 29, 2023
* Upgrade openssl version to 1.1.1n to address CVE-2022-0778 * Parameterize builds with OPENSSL_VERSION * Bump sdk from 15bb0b2123b0ab0a85e866c6e8d5b2713a923370 to 3223ce81919bff882014bcc57fd5348f758397bc Co-authored-by: Marco Morais <[email protected]> # Conflicts: # .github/docker-images/amazonlinux/Dockerfile # .github/docker-images/ubi8/Dockerfile # .github/docker-images/ubuntu-16-x64/Dockerfile # CMakeLists.txt.awssdk
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Motivation
Modifications
Change summary
Upgrade openssl version to 1.1.1n in the build file and dockerfile.
Update the SDK commit hash in the dockerfile.
A separate PR will be submitted to upgrade the docker images.
Revision diff summary
If there is more than one revision, please explain what has been changed since the last revision.
Testing
Build the device client with the latest sdk
By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.