openssl: upgrade 1.1.1l -> 1.1.1n

Upgrade openssl 1.1.1l -> 1.1.1n to fix CVE-2022-0778: https://nvd.nist.gov/vuln/detail/CVE-2022-0778 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=3118eb64934499d93db3230748a452351d1d9a65 This also fixes an evp_extra_test ptest failure introduced by openssl-1.1.1m: """ not ok 19 - test_signatures_with_engine ERROR: (ptr) 'e = ENGINE_by_id(engine_id) != NULL' failed @ ../openssl-1.1.1m/test/evp_extra_test.c:1890 0x0 not ok 20 - test_cipher_with_engine <snip> """ The ptest change is already present in Yocto master since oe-core commit 5cd40648b0ba ("openssl: upgrade to 3.0.1"). (From OE-Core rev: efb991167652b148da299e6297da5ab2d715e2b4) Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2025-07-19 12:59:02 +02:00 · 2022-03-20 11:29:13 +02:00 · 2022-03-20 11:29:13 +02:00 · ad196b05e2
commit ad196b05e2
parent 1adce7ef96
1 changed files with 2 additions and 1 deletions
--- a/meta/recipes-connectivity/openssl/openssl_1.1.1n.bb
+++ b/meta/recipes-connectivity/openssl/openssl_1.1.1n.bb
@ -29,7 +29,7 @@ SRC_URI_append_riscv32 = " \
           file://0004-Fixup-support-for-io_pgetevents_time64-syscall.patch \
           "

-SRC_URI[sha256sum] = "0b7a3e5e59c34827fe0c3a74b7ec8baef302b98fa80088d7f9153aa16fa76bd1"
+SRC_URI[sha256sum] = "40dceb51a4f6a5275bde0e6bf20ef4b91bfc32ed57c0552e2e8e15463372b17a"

 inherit lib_package multilib_header multilib_script ptest
 MULTILIB_SCRIPTS = "${PN}-bin:${bindir}/c_rehash"
@ -204,6 +204,7 @@ do_install_ptest () {
 	install -m755 ${B}/apps/CA.pl ${D}${PTEST_PATH}/apps

 	install -d ${D}${PTEST_PATH}/engines
+	install -m755 ${B}/engines/dasync.so ${D}${PTEST_PATH}/engines
 	install -m755 ${B}/engines/ossltest.so ${D}${PTEST_PATH}/engines

        # seems to be needed with perl 5.32.1