OpenSSL 1.0.1m considered harmful on Sparc
yann at pleiades.fr.eu.org
Mon Apr 20 22:24:00 CEST 2015
No special precaution I think.
You can speed the rebuild by using mgar platforms-fast or mgar package-fast
but that is not required.
2015-04-20 22:11 GMT+02:00 Dagobert Michelsen <dam at opencsw.org>:
> Hi Yann,
> Am 20.04.2015 um 22:09 schrieb Yann Rouillard <yann at pleiades.fr.eu.org>:
> Hi everybody,
> I still don't have enough time work on it but my advice would be to first
> try to recompile the openssl sparc package with all upstream Oracle patches
> disabled to ensure that check if it is an openssl upstream problem or not.
> Patches to disabled are: openssl-1.0.1m-fork_safe.patch,
> openssl-1.0.1m-pkcs11-engine.patch, openssl-1.0.1m-wanboot.patch,
> I will try to answer questions from whoever can work on this.
> I just had a discussion with Laurent about the rebuild: are there any
> special precautions to be
> taken or can it just be built by „mgar spotless && mgar platforms“?
> Best regards
> — Dago
> 2015-04-20 15:22 GMT+02:00 Dagobert Michelsen <dam at opencsw.org>:
>> Hi folks,
>> I want to raise the issue about OpenSSL 1.0.1m again. On Sparc we have now
>> two serious issues:
>> - BIND fails with crypto failure
>> - Solaris 9 applications have issues with hangs in unrelated code. This
>> has been seen
>> at least in GIT and Python
>> How do we proceed here? While I do notice that it would be good to
>> provide a working 1.0.1m
>> the status quo is that bad that I would suggest rolling back to 1.0.1l at
>> least on Sparc
>> if the issue can not be resolved in a reasonable timeframe.
>> Best regards
>> — Dago
>> "You don't become great by trying to be great, you become great by
>> wanting to do something,
>> and then doing it so hard that you become great in the process." - xkcd
> "You don't become great by trying to be great, you become great by wanting
> to do something,
> and then doing it so hard that you become great in the process." - xkcd
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the maintainers