On Tue, 19 Oct 2021 at 12:55, Florian Miedniak <florian.miedn...@de.abb.com> wrote:
> is there a rationale, why Configure is called with a bunch of > deprecated_crypto_flags in hardknott-next > <https://git.openembedded.org/openembedded-core/commit/meta/recipes-connectivity/openssl/openssl_1.1.1k.bb?h=hardknott-next&id=557d956743ecf5e1d002ae0b2135b1307736b7c8>while > this is *not* done e.g. in dunfell > <https://git.openembedded.org/openembedded-core/commit/meta/recipes-connectivity/openssl/openssl_1.1.1k.bb?h=dunfell&id=0826a41940da14631043e2a496854dbb5da9a15f> > ? > Just had a look at openSSL release notes and the CVEs as referenced by > commit messages, but found no rationale there, too. > We stumbled upon this, since it deactivates SCRYPT algorithm. > This was done after dunfell was released, and was not backported to it. Current master (which has 3.0.0) has again dropped the idea, as it only resulted in mass reenabling of the supposedly deprecated stuff. I think we should simply trust upstream to make the right choices. Alex
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#157108): https://lists.openembedded.org/g/openembedded-core/message/157108 Mute This Topic: https://lists.openembedded.org/mt/86436895/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-