Bugzilla – Bug 1201627
openssl-1_0_0 FTBFS 2023-05-26
Last modified: 2023-05-09 13:40:56 UTC
While working on reproducible builds for openSUSE, I found that our openssl-1_0_0 package fails build after 2023-05-26 To Reproduce: osc co openSUSE:Factory/openssl-1_0_0 && cd $_ osc build --vm-type=kvm --noservice --clean \ --build-opt=--vm-custom-opt="-rtc base=2023-05-26T18:00:00" standard It is probably possible to re-use the solution from bug 1185637
for p in $(find test/ -name \*.pem|sort) ; do certtool -i < $p |grep After.*26.*2023 && echo $p done 2>/dev/null Not After: Fri May 26 17:28:31 UTC 2023 test/smime-certs/smdsa1.pem Not After: Fri May 26 17:28:31 UTC 2023 test/smime-certs/smdsa2.pem Not After: Fri May 26 17:28:31 UTC 2023 test/smime-certs/smdsa3.pem Not After: Fri May 26 17:28:31 UTC 2023 test/smime-certs/smec1.pem Not After: Fri May 26 17:28:31 UTC 2023 test/smime-certs/smec2.pem Not After: Fri May 26 17:28:30 UTC 2023 test/smime-certs/smrsa1.pem Not After: Fri May 26 17:28:30 UTC 2023 test/smime-certs/smrsa2.pem Not After: Fri May 26 17:28:30 UTC 2023 test/smime-certs/smrsa3.pem One or more of these will need to be refreshed.
This is an autogenerated message for OBS integration: This bug (1201627) was mentioned in https://build.opensuse.org/request/show/1046230 Factory / openssl-1_0_0
Changes submitted into affected code streams: openSUSE:Factory 1046230 SUSE:SLE-12-SP4:Update 287542 SLE-15:Update 287543
SUSE-RU-2023:0107-1: An update that has one recommended fix can now be installed. Category: recommended (moderate) Bug References: 1201627 CVE References: JIRA References: Sources used: openSUSE Leap 15.4 (src): openssl-1_0_0-1.0.2p-150000.3.62.1 SUSE Linux Enterprise Module for Legacy Software 15-SP4 (src): openssl-1_0_0-1.0.2p-150000.3.62.1 SUSE Enterprise Storage 6 (src): openssl-1_0_0-1.0.2p-150000.3.62.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2023:0306-1: An update that solves three vulnerabilities and has one errata is now available. Category: security (important) Bug References: 1201627,1207533,1207534,1207536 CVE References: CVE-2022-4304,CVE-2023-0215,CVE-2023-0286 JIRA References: Sources used: SUSE OpenStack Cloud Crowbar 9 (src): openssl-1_0_0-1.0.2p-3.64.1 SUSE OpenStack Cloud 9 (src): openssl-1_0_0-1.0.2p-3.64.1 SUSE Linux Enterprise Software Development Kit 12-SP5 (src): openssl-1_0_0-1.0.2p-3.64.1 SUSE Linux Enterprise Server for SAP 12-SP4 (src): openssl-1_0_0-1.0.2p-3.64.1 SUSE Linux Enterprise Server 12-SP5 (src): openssl-1_0_0-1.0.2p-3.64.1 SUSE Linux Enterprise Server 12-SP4-LTSS (src): openssl-1_0_0-1.0.2p-3.64.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
All codestreams fixed, closing this bug.
SUSE-SU-2023:0684-1: An update that solves three vulnerabilities and has two fixes can now be installed. Category: security (important) Bug References: 1201627, 1202062, 1207533, 1207534, 1207536 CVE References: CVE-2022-4304, CVE-2023-0215, CVE-2023-0286 Sources used: SUSE Linux Enterprise Server 12 SP2 BCL 12-SP2 (src): openssl-1.0.2j-60.86.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.