Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

v16.14.2 proposal #42385

Merged
merged 4 commits into from Mar 18, 2022
Merged

v16.14.2 proposal #42385

merged 4 commits into from Mar 18, 2022

Commits on Mar 17, 2022

  1. deps: upgrade openssl sources to OpenSSL_1_1_1n 

    This updates all sources in deps/openssl/openssl by:
    $ git clone https://github.com/quictls/openssl
    $ cd openssl
    $ git checkout OpenSSL_1_1_1n+quic
    $ cd ../node/deps/openssl
    $ rm -rf openssl
    $ cp -R ../openssl openssl
    $ rm -rf openssl/.git* openssl/.travis*
    $ git add --all openssl
    $ git commit openssl

PR-URL: #42352
Refs: https://mta.openssl.org/pipermail/openssl-announce/2022-March/000218.html
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Danielle Adams <adamzdanielle@gmail.com>
    @hassaanp @richardlau
    hassaanp authored and richardlau committed Mar 17, 2022
    Copy the full SHA
    7a6a870 View commit details
    Browse the repository at this point in the history

  2. deps: update archs files for OpenSSL-1.1.1 

     After an OpenSSL source update, all the config files need to be
 regenerated and committed by:
    $ make -C deps/openssl/config
    $ git add deps/openssl/config/archs
    $ git add deps/openssl/openssl/include/crypto/bn_conf.h
    $ git add deps/openssl/openssl/include/crypto/dso_conf.h
    $ git add deps/openssl/openssl/include/openssl/opensslconf.h
    $ git commit

PR-URL: #42352
Refs: https://mta.openssl.org/pipermail/openssl-announce/2022-March/000218.html
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Danielle Adams <adamzdanielle@gmail.com>
    @hassaanp @richardlau
    hassaanp authored and richardlau committed Mar 17, 2022
    Copy the full SHA
    3924618 View commit details
    Browse the repository at this point in the history

  3. test: fix tests affected by OpenSSL update 

    Last OpenSSL 3 update changes behaviour back to be
closer to that of OpenSSL 1.1.1. Remove some instances
where we expected different errors from OpenSSL 3 versus
OpenSSL 1.1.1.

Signed-off-by: Michael Dawson <midawson@redhat.com>

PR-URL: #42352
Refs: https://mta.openssl.org/pipermail/openssl-announce/2022-March/000218.html
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Danielle Adams <adamzdanielle@gmail.com>
    @mhdawson @richardlau
    mhdawson authored and richardlau committed Mar 17, 2022
    Copy the full SHA
    c533b43 View commit details
    Browse the repository at this point in the history

  4. 2022-03-17, Version 16.14.2 'Gallium' (LTS) 

    This is a security release.

Notable changes:

Update to OpenSSL 1.1.1n, which addresses the following vulnerability:
- Infinite loop in BN_mod_sqrt() reachable when parsing certificates (High)(CVE-2022-0778)
  More details are available at https://www.openssl.org/news/secadv/20220315.txt

PR-URL: #42385
    @richardlau
    richardlau committed Mar 17, 2022
    Copy the full SHA
    442e84a View commit details
    Browse the repository at this point in the history