[MacPorts] #68766: openssl3 @3.2.0_0+universal may have broken PRNG on High Sierra and older
MacPorts
noreply at macports.org
Tue Jan 30 21:06:17 UTC 2024
#68766: openssl3 @3.2.0_0+universal may have broken PRNG on High Sierra and older
------------------------+------------------------
Reporter: fhgwright | Owner: neverpanic
Type: defect | Status: closed
Priority: Normal | Milestone:
Component: ports | Version:
Resolution: fixed | Keywords:
Port: openssl3 |
------------------------+------------------------
Comment (by neverpanic):
So I'm about to commit the update to OpenSSL 3.2.1, and now I have to make
a choice for the 3.1.x branch in the Portfile:
- Do I leave it at 3.1.4, potentially exposing users to known CVEs? (not
the case this time since I did backport all CVE fixes that are in 3.1.5,
but it'll be a relevant question for the next time)
- Do I update to 3.1.5, increasing my workload because I need to test two
versions?
- Do I remove the if and update to 3.2.1, risking to break this again?
For this time, I'm going to put in the extra work to update to 3.1.5, but
I'm not willing to do this forever for a few users that continue to run
old operating systems.
Can one of you that has one of the affected machines please
- check whether this is still a problem with 3.2.1
- if it is, bisect the change that introduced the problem using the method
I outlined in comment:41 so that we can look into getting this fixed
upstream
- possibly narrow down the range of clang versions that miscompile this so
we can blacklist them
I have no way of replicating the problem myself, or I would already have
done these things.
--
Ticket URL: <https://trac.macports.org/ticket/68766#comment:69>
MacPorts <https://www.macports.org/>
Ports system for macOS
More information about the macports-tickets
mailing list