I have checked the m2crypto build issue and found out that I had to fix this for newer Yocto releases already. https://git.openembedded.org/meta-openembedded/commit/?id=f9158ce32fffa6f18eed4008c3295146c81d55ea Applying this commit to scarthgap works, so I have submitted it. https://lists.openembedded.org/g/openembedded-devel/message/124019
Peter From: Yoann Congal <[email protected]> Sent: Wednesday, January 28, 2026 12:05 To: Marko, Peter (FT D EU SK BFS1) <[email protected]> Cc: [email protected] Subject: Re: [OE-core][scarthgap][RFC PATCH 0/1] openssl: upgrade 3.2.6 -> 3.5.4 Le ven. 23 janv. 2026 à 18:02, Yoann Congal <[email protected]<mailto:[email protected]>> a écrit : Le ven. 23 janv. 2026 à 13:33, Peter Marko via lists.openembedded.org<http://lists.openembedded.org> <[email protected]<mailto:[email protected]>> a écrit : Intention of this RFC is to run full autobuilder job matrix to see if there are any failures not detected by my local testsuite. I created a poky branch with this patch : https://git.yoctoproject.org/poky-contrib/log/?h=ycongal/scarthgap/openssl_3.5_upgrade (above my -nut branch to decrease the probability of an unrelated AB-INT failure) I've started the build : https://autobuilder.yoctoproject.org/valkyrie/?#/builders/29/builds/3118 Hello, As discussed during the tech call of last tuesday, I've started builds: * a new a-full with rebased branch on the latest scarthgap (now, the branch is only scarthgap+this upgrade) * https://autobuilder.yoctoproject.org/valkyrie/#/builders/29/builds/3133/ failed on a unrelated AB-INT issue (#15945) but is otherwise OK * a meta-oe build (which includes a world build for meta-oe, meta-python, meta-networking & meta-filesystems): * https://autobuilder.yoctoproject.org/valkyrie/#/builders/81/builds/1277 * *Failed on python3-m2crypto* (log.do_compile => https://gist.github.com/ycongal-smile/4c6501ecd81c9f475b793234cceb7a74) * to compare, I've started the same build with a vanilla scarthgap branch (without the openssl upgrade): * https://autobuilder.yoctoproject.org/valkyrie/#/builders/81/builds/1278 => success (albeit with warnings) Can you investigate this python3-m2crypto failure? Also, the "meta-oe" build does not cover every layer in meta-openembedded, I think I will increase coverage to all the meta-openembedded layers for the next run... Topic for discussion is especially what should be the final form of this upgrade as some users may want to stay on openssl 3.2.x originally shipped with Yocto 5.0 Scarthgap. Current form was chosen to easily review recipe/patch differences. Is it fine to overwrite or do we need to keep both version and make one the default and other optional? Which would be tested on AB? Peter Marko (1): openssl: upgrade 3.2.6 -> 3.5.4 .../openssl/files/environment.d-openssl.sh<http://environment.d-openssl.sh> | 9 ++- ...ke-history-reporting-when-test-fails.patch | 19 +++-- ...1-Configure-do-not-tweak-mips-cflags.patch | 4 +- ...sysroot-and-debug-prefix-map-from-co.patch | 26 ++++--- .../0001-extend-check_cwm-test-timeout.patch | 32 ++++++++ .../openssl/openssl/CVE-2024-41996.patch | 44 ----------- .../{openssl_3.2.6.bb<http://openssl_3.2.6.bb> => openssl_3.5.4.bb<http://openssl_3.5.4.bb>} | 76 +++++++++++++------ 7 files changed, 116 insertions(+), 94 deletions(-) create mode 100644 meta/recipes-connectivity/openssl/openssl/0001-extend-check_cwm-test-timeout.patch delete mode 100644 meta/recipes-connectivity/openssl/openssl/CVE-2024-41996.patch rename meta/recipes-connectivity/openssl/{openssl_3.2.6.bb<http://openssl_3.2.6.bb> => openssl_3.5.4.bb<http://openssl_3.5.4.bb>} (75%) -- Yoann Congal Smile ECS -- Yoann Congal Smile ECS
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#230247): https://lists.openembedded.org/g/openembedded-core/message/230247 Mute This Topic: https://lists.openembedded.org/mt/117416674/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
