New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[openssl] upgrade to 1.0.2n #1053
Conversation
Thanks for the pull request! Here is what will happen next:
Thank you for contributing! |
Upgrade openssl to 1.0.2n to address CVE-2017-3737. [Version published announcement](http://www.mail-archive.com/openssl-announce@openssl.org/msg00258.html). [Security Advisory](http://www.mail-archive.com/openssl-announce@openssl.org/msg00259.html). Signed-off-by: Robb Kidd <robb@thekidds.org>
dd29221
to
5f78293
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Since we missed a version, this update will cover the following CVEs:
Looks good, I'm going to pull this in some base package refresh work. |
Hello! Wanted to give you an update on this. This pull request has been incorporated into the base plans refresh. We are holding off on merging this refresh until after ChefConf(which takes place May 22-25 in Chicago, IL). If you have any questions, please feel free to ask! We greatly appreciate your work on this and look forward to getting it into master :) |
We've merged #1210 which contains this work. Thanks again!! |
Upgrade openssl to 1.0.2n to address CVE-2017-3737.
Version published announcement.
Security Advisory.