[OpenSSL] Update to 1.1.1k by metsma · Pull Request #16937 · microsoft/vcpkg

metsma · 2021-03-29T08:00:32Z

Security fixes for CVE-2021-3450 and CVE-2021-3449
https://www.openssl.org/news/vulnerabilities.html
Use similar configure log file pattern as build log

Signed-off-by: Raul Metsma raul@metsma.ee

Fixed #17233

NancyLi1013 · 2021-03-30T02:34:25Z

Hi @metsma
Thanks for your PR.

The failures on x86-windows like this:

CMake Error at CMakeLists.txt:377 (message):
  Must be able to find shared_ptr

metsma · 2021-03-30T04:19:28Z

OpenSSL is pure C and this is C++ class. Are you sure this error comes from OpenSSL

NancyLi1013 · 2021-04-01T09:36:27Z

The error is from coolprop:

-- Found PythonInterp: D:/downloads/tools/python/python-2.7.16-x86/python.exe (found suitable version "2.7.16", minimum required is "2.7") 
-- Looking for C++ include memory
-- Looking for C++ include memory - not found
-- Looking for C++ include tr1/memory
-- Looking for C++ include tr1/memory - not found
CMake Error at CMakeLists.txt:377 (message):
  Must be able to find shared_ptr


-- Configuring incomplete, errors occurred!

I tried to build this port on my machine and it can be built successfully.

Comparing with the configure log, I found something different:

-- Found PythonInterp: F:/16937/vcpkg/downloads/tools/python/python-2.7.16-x86/python.exe (found suitable version "2.7.16", minimum required is "2.7") 
-- Looking for C++ include memory
-- Looking for C++ include memory - found
-- Performing Test HAVE_SHARED_PTR_IN_STD_NAMESPACE
-- Performing Test HAVE_SHARED_PTR_IN_STD_NAMESPACE - Success
-- Found shared_ptr in std namespace using <memory> header.

So the root cause seems that memory cannot be found on CI test machine.

PhoebeHui · 2021-04-02T11:59:17Z

/azp run

azure-pipelines · 2021-04-02T11:59:26Z

Azure Pipelines successfully started running 1 pipeline(s).

NancyLi1013 · 2021-04-14T02:30:08Z

/azp run

azure-pipelines · 2021-04-14T02:30:16Z

Azure Pipelines successfully started running 1 pipeline(s).

NancyLi1013 · 2021-04-14T05:52:56Z

The failures caused by popsift will be fixed by #17277.

NancyLi1013 · 2021-04-15T01:50:35Z

/azp run

azure-pipelines · 2021-04-15T01:50:44Z

Azure Pipelines successfully started running 1 pipeline(s).

NancyLi1013 · 2021-04-16T02:08:27Z

LGTM, thanks for your update @metsma.

IceCodeNew · 2021-04-18T13:46:41Z

ping
@NancyLi1013

Hoikas · 2021-04-24T00:14:06Z

IMO This should be a priority over all other openssl port updates, considering the security content...

NancyLi1013 · 2021-04-25T02:06:36Z

@metsma

Could you please resolve the conflicts in this PR?

Signed-off-by: Raul Metsma <raul@metsma.ee>

metsma · 2021-04-25T16:28:20Z

Conflict resolved

IceCodeNew · 2021-04-26T04:33:19Z

Will the failed check block this PR?
I see the marble somehow failed compiled in two different checks.

Hoikas · 2021-04-26T05:44:37Z

The failure seems to be fixed by #17492.

NancyLi1013 · 2021-04-26T05:50:51Z

Will the failed check block this PR?
I see the marble somehow failed compiled in two different checks.

This failure is not related with this PR, but we need to wait for the PR #17492 merged. I will rerun this PR once solved.

metsma · 2021-04-28T08:38:19Z

It has been already month? How long takes to merge CVE fixes?

NancyLi1013 · 2021-04-28T09:33:01Z

It has been already month? How long takes to merge CVE fixes?

Sorry for the long delay. Currently, we need to wait for PR #17492 merged.

NancyLi1013 · 2021-04-29T02:03:57Z

/azp run

azure-pipelines · 2021-04-29T02:04:15Z

Azure Pipelines successfully started running 1 pipeline(s).

NancyLi1013 · 2021-04-30T03:10:31Z

@strega-nil , @BillyONeal

Could you please help merge this PR?

Thanks.

strega-nil-ms · 2021-04-30T18:34:52Z

Thanks @metsma, this is great :)

NancyLi1013 self-assigned this Mar 30, 2021

NancyLi1013 added the category:port-update The issue is with a library, which is requesting update new revision label Mar 30, 2021

NancyLi1013 added the requires:author-response label Mar 30, 2021

NancyLi1013 approved these changes Apr 2, 2021

View reviewed changes

NancyLi1013 removed the requires:author-response label Apr 2, 2021

Hoikas mentioned this pull request Apr 12, 2021

[OpenSSL] update to 1.1.1k #17233

Closed

NancyLi1013 mentioned this pull request Apr 13, 2021

How do I configure OpenSSL package? #17183

Closed

NancyLi1013 added the info:needs-maintainer-attention Lets the current 'on rotation' vcpkg maintainer know they need to look at this. label Apr 16, 2021

strega-nil force-pushed the openssl branch from a028a7b to 64cbf4b Compare April 20, 2021 16:26

metsma added 2 commits April 25, 2021 11:28

[OpenSSL] Update to 1.1.1k

28428a9

Signed-off-by: Raul Metsma <raul@metsma.ee>

Update JSON file

84fc43f

Signed-off-by: Raul Metsma <raul@metsma.ee>

metsma force-pushed the openssl branch from 64cbf4b to 84fc43f Compare April 25, 2021 08:31

shiena mentioned this pull request Apr 25, 2021

[openssl] update to 1.1.1k #17499

Closed

NancyLi1013 added the depends:different-pr This PR or Issue depends on a PR which has been filed label Apr 26, 2021

Hoikas mentioned this pull request Apr 29, 2021

[Openssl] Fix mingw build #17456

Merged

NancyLi1013 removed the depends:different-pr This PR or Issue depends on a PR which has been filed label Apr 29, 2021

Merge remote-tracking branch 'origin/master' into HEAD

55744d9

strega-nil-ms merged commit 85308d1 into microsoft:master Apr 30, 2021

metsma deleted the openssl branch April 30, 2021 18:43

lstipakov mentioned this pull request Jun 16, 2021

[OpenSSL] support for "no-autoload-config" config option #18389

Merged

Conversation

metsma commented Mar 29, 2021 • edited by NancyLi1013 Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

NancyLi1013 commented Mar 30, 2021

Uh oh!

metsma commented Mar 30, 2021

Uh oh!

NancyLi1013 commented Apr 1, 2021

Uh oh!

PhoebeHui commented Apr 2, 2021

Uh oh!

azure-pipelines bot commented Apr 2, 2021

Uh oh!

NancyLi1013 commented Apr 14, 2021

Uh oh!

azure-pipelines bot commented Apr 14, 2021

Uh oh!

NancyLi1013 commented Apr 14, 2021

Uh oh!

NancyLi1013 commented Apr 15, 2021

Uh oh!

azure-pipelines bot commented Apr 15, 2021

Uh oh!

NancyLi1013 commented Apr 16, 2021

Uh oh!

IceCodeNew commented Apr 18, 2021 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

Hoikas commented Apr 24, 2021

Uh oh!

NancyLi1013 commented Apr 25, 2021

Uh oh!

metsma commented Apr 25, 2021

Uh oh!

IceCodeNew commented Apr 26, 2021

Uh oh!

Hoikas commented Apr 26, 2021

Uh oh!

NancyLi1013 commented Apr 26, 2021

Uh oh!

metsma commented Apr 28, 2021

Uh oh!

NancyLi1013 commented Apr 28, 2021

Uh oh!

NancyLi1013 commented Apr 29, 2021

Uh oh!

azure-pipelines bot commented Apr 29, 2021

Uh oh!

NancyLi1013 commented Apr 30, 2021

Uh oh!

strega-nil-ms commented Apr 30, 2021

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

7 participants

metsma commented Mar 29, 2021 •

edited by NancyLi1013

Loading

IceCodeNew commented Apr 18, 2021 •

edited

Loading