(https://bugzilla.tianocore.org/show_bug.cgi?id=927)
Update OpenSSL version to 1.1.0h release (27-Mar-2018) to include the fix for CVE-2018-0739 issue (Handling of crafted recursive ASN.1 structures can cause a stack overflow and resulting denial of service, Refer to https://www.openssl.org/news/secadv/20180327.txt for more information). Please note "git pull" will not update the submodule repository. use the following commend to make your existing submodule track this update: $ git submodule update -–recursive --remote Cc: Ye Ting <ting...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Long Qin <qin.l...@intel.com> --- CryptoPkg/Library/OpensslLib/openssl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CryptoPkg/Library/OpensslLib/openssl b/CryptoPkg/Library/OpensslLib/openssl index b2758a2292..d4e4bd2a81 160000 --- a/CryptoPkg/Library/OpensslLib/openssl +++ b/CryptoPkg/Library/OpensslLib/openssl @@ -1 +1 @@ -Subproject commit b2758a2292aceda93e9f44c219b94fe21bb9a650 +Subproject commit d4e4bd2a8163f355fa8a3884077eaec7adc75ff7 -- 2.16.1.windows.1 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel