FS#71597 : [tensorflow] Switch to openssl from openssl-1.0

FS#71597 - [tensorflow] Switch to openssl from openssl-1.0

Attached to Project: Community Packages
Opened by loqs (loqs) - Friday, 23 July 2021, 20:50 GMT
Last edited by Sven-Hendrik Haase (Svenstaro) - Wednesday, 28 July 2021, 01:00 GMT

Task Type	Feature Request
Category	Packages
Status	Closed
Assigned To	Sven-Hendrik Haase (Svenstaro) Konstantin Gizdov (kgizdov)
Architecture	All
Severity	Very Low
Priority	Normal
Reported Version
Due in Version	Undecided
Due Date	Undecided
Percent Complete
Votes	0
Private	No

Details

Description:
Please consider switching from openssl-1.0 to openssl. This would add support for TLS 1.3 and avoid the security issues with openssl-1.0 [1].
This requires a minor compatibility patch [2]. Changes required to PKGBUILD are [3].
Patch is not upstreamable in this form as upstream at least from the comments in [4] still supports openssl 1.0 so would require ifdef detection of openssl 1.0, openssl 1.1, boringssl and possibly openssl 3.0. Assuming upstream would take a patch at all for versions they currently do not use. This was tested using the reproducer attached to ~~FS#67449~~ .

Additional info:
* tensorflow 2.5.0-5
[1] https://security.archlinux.org/package/openssl-1.0
[2] openssl-1.1-patch
[3] PKGBUILD.diff
[4] https://github.com/tensorflow/tensorflow/blob/v2.6.0-rc1/tensorflow/core/platform/cloud/oauth_client.cc#L100

openssl-1.1.patch (1 KiB)

PKGBUILD.diff (3.1 KiB)

This task depends upon

Closed by Sven-Hendrik Haase (Svenstaro)
Wednesday, 28 July 2021, 01:00 GMT
Reason for closing: Fixed
Additional comments about closing: In testing

Comment by Sven-Hendrik Haase (Svenstaro) - Tuesday, 27 July 2021, 21:49 GMT

Seems reasonable enough. Compiling with the patches.

	Tasks related to this task (0)

Duplicate tasks of this task (0)

Arch Linux

FS#71597 - [tensorflow] Switch to openssl from openssl-1.0

Details

Loading...