Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: Update to OpenSSL 3.3.1 to avoid the issue with subprocess.check… #7566

Merged
merged 4 commits into from
Oct 18, 2024
Merged

fix: Update to OpenSSL 3.3.1 to avoid the issue with subprocess.check… #7566

merged 4 commits into from
Oct 18, 2024

Conversation

dkphm
Copy link
Contributor

@dkphm dkphm commented Oct 14, 2024

…_output

Which issue(s) does this change fix?

#7408

Why is this change necessary?

To address the issue of git clone return status 128 with sam init running on some Linux distributions.

How does it address the issue?

The issue happened because older version of OpenSSL 3 interfered with Python's subprocess PIPE output, causing git clone exited with an error.

What side effects does this change have?

Newer version of OpenSSL 3 might cause other issues.

Mandatory Checklist

PRs will only be reviewed after checklist is complete

  • Add input/output type hints to new functions/methods
  • Write design document if needed (Do I need to write a design document?)
  • Write/update unit tests
  • Write/update integration tests
  • Write/update functional tests if needed
  • make pr passes
  • make update-reproducible-reqs if dependencies were changed
  • Write documentation

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

@dkphm dkphm requested a review from a team as a code owner October 14, 2024 19:21
@dkphm dkphm requested review from mildaniel and sidhujus October 14, 2024 19:21
@github-actions github-actions bot added pr/external stage/needs-triage Automatically applied to new issues and PRs, indicating they haven't been looked at. labels Oct 14, 2024
@dkphm dkphm added pr/internal and removed pr/external stage/needs-triage Automatically applied to new issues and PRs, indicating they haven't been looked at. labels Oct 16, 2024
@mndeveci mndeveci enabled auto-merge October 18, 2024 16:24
hnnasit
hnnasit reviewed Oct 18, 2024
View reviewed changes
installer/pyinstaller/build-linux.sh
@@ -16,7 +16,7 @@ if [ "$python_version" = "" ]; then
fi

if [ "$openssl_version" = "" ]; then
openssl_version="3.0.15";
openssl_version="3.3.1";
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should we also make sure there's no CVE's detected in the new version being used? We can also monitor that once this PR is merged.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good point, it seems like there is no report about this version yet (only some fixes). https://openssl-library.org/news/vulnerabilities/index.html

I agree that we should monitor pipeline afterwards

@mndeveci mndeveci added this pull request to the merge queue Oct 18, 2024
Merged via the queue into aws:develop with commit 62ea5de Oct 18, 2024
55 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mndeveci mndeveci mndeveci approved these changes

@hnnasit hnnasit hnnasit approved these changes

@mildaniel mildaniel Awaiting requested review from mildaniel mildaniel was automatically assigned from aws/serverless-application-experience-sbt

@sidhujus sidhujus Awaiting requested review from sidhujus sidhujus was automatically assigned from aws/serverless-application-experience-sbt

Assignees
No one assigned
Labels
pr/internal
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@dkphm @mndeveci @hnnasit