[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#22831: OpenSSL should not depend on Perl
|
From: |
Ludovic Courtès |
|
Subject: |
bug#22831: OpenSSL should not depend on Perl |
|
Date: |
Tue, 01 Mar 2016 18:24:15 +0100 |
|
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/24.5 (gnu/linux) |
address@hidden (Ludovic Courtès) skribis:
> Leo Famulari <address@hidden> skribis:
>
>> On Sun, Feb 28, 2016 at 02:35:12PM +0100, Ludovic Courtès wrote:
>>> Leo Famulari <address@hidden> skribis:
>>>
>>> > On Sat, Feb 27, 2016 at 06:05:29PM +0100, Ludovic Courtès wrote:
>>> >> Commit 784d6e91 changed OpenSSL such that it does not depend on Perl,
>>> >> but one of the subsequent upgrades broke it:
>>> >
>>> > Bisecting, I narrowed it down to:
>>> > 86c8f1daf8ed10f13f2b1e973a28845629b8ce47
>>> > (gnu: openssl: Update to 1.0.2e [fixes CVE-2015-{3193,3194,3195}].).
>>> >
>>> > I'll get the openssl sources corresponding to the good and bad commmits
>>> > and try to figure out what changed that pulled perl back in.
>>>
>>> Awesome. Hopefully we can apply the fix when we upgrade OpenSSL this
>>> Tuesday.
>>
>> 'openssl-c-rehash.patch' is being applied, but at some point in the
>> build process the change is reverted.
>
> In the source, I see:
>
> $ find -name c_rehash\*
> ./tools/c_rehash
> ./tools/c_rehash.in
> ./doc/apps/c_rehash.pod
>
> Could it be that the unpatched one ends up being installed or something?
Indeed. Fixed in caeadfd, though without #:allowed-references—it’ll be
more convenient to use #:disallowed-references when it’s implemented.
Ludo’.