Update openssl crate to version 0.10.70
This fixes CVE-2025-24898 Resolves: RHEL-77725 Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
This commit is contained in:
Anderson Toshiyuki Sasaki
parent
fc8305a681
commit
46e345a070
@ -59,6 +59,9 @@ Source1: rust-keylime-%{version}-vendor.tar.xz
|
||||
Patch0: rust-keylime-enable-logging-keylime-lib.patch
|
||||
# Drop completely the legacy-python-actions feature
|
||||
Patch1: rust-keylime-metadata.patch
|
||||
# Update to openssl 0.10.70 to fix CVE-2025-24898
|
||||
# Patch from https://github.com/keylime/rust-keylime/pull/926
|
||||
Patch2: rust-keylime-openssl-0.10.70.patch
|
||||
## (100-199) Patches for building from system Rust libraries (Fedora)
|
||||
## (200+) Patches for building from vendored Rust libraries (RHEL)
|
||||
|
||||
|
||||
62
rust-keylime-openssl-0.10.70.patch
Normal file
62
rust-keylime-openssl-0.10.70.patch
Normal file
@ -0,0 +1,62 @@
|
||||
From 6087804c15b16a1456a191ccea25acec7a3f7fc0 Mon Sep 17 00:00:00 2001
|
||||
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
|
||||
Date: Tue, 4 Feb 2025 09:55:03 +0000
|
||||
Subject: [PATCH] build(deps): bump openssl from 0.10.68 to 0.10.70
|
||||
|
||||
Bumps [openssl](https://github.com/sfackler/rust-openssl) from 0.10.68 to 0.10.70.
|
||||
- [Release notes](https://github.com/sfackler/rust-openssl/releases)
|
||||
- [Commits](https://github.com/sfackler/rust-openssl/compare/openssl-v0.10.68...openssl-v0.10.70)
|
||||
|
||||
---
|
||||
updated-dependencies:
|
||||
- dependency-name: openssl
|
||||
dependency-type: direct:production
|
||||
...
|
||||
|
||||
Signed-off-by: dependabot[bot] <support@github.com>
|
||||
---
|
||||
Cargo.lock | 14 +++++++-------
|
||||
1 file changed, 7 insertions(+), 7 deletions(-)
|
||||
|
||||
diff --git a/Cargo.lock b/Cargo.lock
|
||||
index 6cf79ea7..4c0ac1e6 100644
|
||||
--- a/Cargo.lock
|
||||
+++ b/Cargo.lock
|
||||
@@ -1387,9 +1387,9 @@ checksum = "3fdb12b2476b595f9358c5161aa467c2438859caa136dec86c26fdd2efe17b92"
|
||||
|
||||
[[package]]
|
||||
name = "openssl"
|
||||
-version = "0.10.68"
|
||||
+version = "0.10.70"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
-checksum = "6174bc48f102d208783c2c84bf931bb75927a617866870de8a4ea85597f871f5"
|
||||
+checksum = "61cfb4e166a8bb8c9b55c500bc2308550148ece889be90f609377e58140f42c6"
|
||||
dependencies = [
|
||||
"bitflags 2.4.0",
|
||||
"cfg-if",
|
||||
@@ -1402,20 +1402,20 @@ dependencies = [
|
||||
|
||||
[[package]]
|
||||
name = "openssl-macros"
|
||||
-version = "0.1.0"
|
||||
+version = "0.1.1"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
-checksum = "b501e44f11665960c7e7fcf062c7d96a14ade4aa98116c004b2e37b5be7d736c"
|
||||
+checksum = "a948666b637a0f465e8564c73e89d4dde00d72d4d473cc972f390fc3dcee7d9c"
|
||||
dependencies = [
|
||||
"proc-macro2",
|
||||
"quote",
|
||||
- "syn 1.0.100",
|
||||
+ "syn 2.0.90",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "openssl-sys"
|
||||
-version = "0.9.104"
|
||||
+version = "0.9.105"
|
||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||
-checksum = "45abf306cbf99debc8195b66b7346498d7b10c210de50418b5ccd7ceba08c741"
|
||||
+checksum = "8b22d5b84be05a8d6947c7cb71f7c849aa0f112acd4bf51c2a7c1c988ac0a9dc"
|
||||
dependencies = [
|
||||
"cc",
|
||||
"libc",
|
||||
2
sources
2
sources
@ -1,2 +1,2 @@
|
||||
SHA512 (rust-keylime-0.2.7-vendor.tar.xz) = 0359a2f95b6325f1cdcf24b54efb26d3cadff31e0a83c065cbca09cdfb5877a836364d68e9208eee498f41bc609b7312ff487fee923593e6af07201084a2b3e7
|
||||
SHA512 (rust-keylime-0.2.7-vendor.tar.xz) = 1b014fdede3e945ab37e38de62737d90d1a4f7e95379e00d039bbfc68b73e1bcedccea37d81326bd02b18a43bff150f378d090639047bcea88f3689472942512
|
||||
SHA512 (v0.2.7.tar.gz) = 6a9f4e581aa49c8be1599d235a54c6a65d0f45340ef37c3d08124b75c4c5ca2b8467dc00cac8dfae5402b5690bb90fe69a994770fe2715de6e9d4070dabebb7d
|
||||
|
||||
Loading…
Reference in New Issue
Block a user