GNU bug report logs - #22831
OpenSSL should not depend on Perl

Previous Next

Full log

View this message in rfc822 format

From: Leo Famulari <leo <at> famulari.name>
To: Ludovic Courtès <ludo <at> gnu.org>
Cc: 22831 <at> debbugs.gnu.org
Subject: bug#22831: OpenSSL should not depend on Perl
Date: Mon, 29 Feb 2016 03:47:38 -0500

On Sun, Feb 28, 2016 at 02:35:12PM +0100, Ludovic Courtès wrote:
> Leo Famulari <leo <at> famulari.name> skribis:
> 
> > On Sat, Feb 27, 2016 at 06:05:29PM +0100, Ludovic Courtès wrote:
> >> Commit 784d6e91 changed OpenSSL such that it does not depend on Perl,
> >> but one of the subsequent upgrades broke it:
> >
> > Bisecting, I narrowed it down to:
> > 86c8f1daf8ed10f13f2b1e973a28845629b8ce47
> > (gnu: openssl: Update to 1.0.2e [fixes CVE-2015-{3193,3194,3195}].).
> >
> > I'll get the openssl sources corresponding to the good and bad commmits
> > and try to figure out what changed that pulled perl back in.
> 
> Awesome.  Hopefully we can apply the fix when we upgrade OpenSSL this
> Tuesday.

'openssl-c-rehash.patch' is being applied, but at some point in the
build process the change is reverted.

I haven't figured out why yet. Ludo is right, it would be really good to
only change our OpenSSL package one day this week.

So, I'm asking for help with this problem!

I will spend some time on it tomorrow, but I really don't have any
promising leads. My plan is to step through the build process and learn
when the shebang is recreated. Hopefully then I will get some
inspiration.

I suppose a nasty short term fix would be to patch the file after
installing it. I will submit that patch if it seems there is no other
option in time for the security update.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.