Tiny Core Extensions > TCE News

Changes to openssl

(1/1)

Juanito:
Note that as of openssl >= 1.0.0, openssl is backwards compatible and thus, with the update to openssl-1.0.2d, the extension has been renamed from openssl-1.0.1 to openssl (and from openssl-1.0.0 to openssl in the corepure64 repo).

If users wish to update to this latest version of openssl, you will also need to update your local dep files containing references to openssl-1.0.1 (or openssl-1.0.0) - the easiest way to do this is by using the apps gui update deps function.

Thanks to gordon64 for the updates to the x86 and x86_64 openssl extensions and certificates.

gordon64:
Hi

I can not take all the credit.

Credit also to bmarkus and Juanito for their time, kind help, suggestions and testing.

gadget42:
didn't want to start a new thread regarding openssl but did want to get these links posted:

arstechnica from 2015:
https://arstechnica.com/information-technology/2015/10/breaking-512-bit-rsa-with-amazon-ec2-is-a-cinch-so-why-all-the-weak-keys/

semi-random 2017 commentary:
https://jameshfisher.com/2017/12/02/the-sorry-state-of-openssl-usability/

and the obligatory wikipedia:
https://en.wikipedia.org/wiki/OpenSSL

sharing is caring

nick65go:
Tinycore Current: 2021/02/18 updated 1.1.1f -> 1.1.1j

https://git.alpinelinux.org/aports/tree/main/openssl/APKBUILD: Version 1.1.q
Why? Because "sharing is caring" :)
# secfixes:
#   1.1.1q-r0:
#     - CVE-2022-2097
#   1.1.1n-r0:
#     - CVE-2022-0778
#   1.1.1l-r0:
#     - CVE-2021-3711
#     - CVE-2021-3712
#   1.1.1k-r0:
#     - CVE-2021-3449
#     - CVE-2021-3450
#   1.1.1j-r0:
#     - CVE-2021-23841
#     - CVE-2021-23840
#     - CVE-2021-23839

Navigation

[0] Message Index