Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

openssl_1_1: mark end-of-life #232521

Merged
merged 1 commit into from
May 19, 2023
Merged

openssl_1_1: mark end-of-life #232521

merged 1 commit into from
May 19, 2023

Conversation

mweinelt
Copy link
Member

https://www.openssl.org/blog/blog/2023/03/28/1.1.1-EOL/

Closes: #210452

Description of changes
Things done
  • Built on platform(s)
    • x86_64-linux
    • aarch64-linux
    • x86_64-darwin
    • aarch64-darwin
  • For non-Linux: Is sandbox = true set in nix.conf? (See Nix manual)
  • Tested, as applicable:
  • Tested compilation of all packages that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage
  • Tested basic functionality of all binary files (usually in ./result/bin/)
  • 23.05 Release Notes (or backporting 22.11 Release notes)
    • (Package updates) Added a release notes entry if the change is major or breaking
    • (Module updates) Added a release notes entry if the change is significant
    • (Module addition) Added a release notes entry if adding a new NixOS module
  • Fits CONTRIBUTING.md.

@mweinelt mweinelt marked this pull request as draft May 17, 2023 23:42
@ofborg ofborg bot added 8.has: clean-up 10.rebuild-darwin: 0 This PR does not cause any packages to rebuild on Darwin 10.rebuild-linux: 0 This PR does not cause any packages to rebuild on Linux labels May 18, 2023
RaitoBezarius
RaitoBezarius approved these changes May 18, 2023
View reviewed changes
Copy link
Member

@RaitoBezarius RaitoBezarius left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let's do it earlier than later :).

@mweinelt mweinelt marked this pull request as ready for review May 18, 2023 13:16
@ajs124 ajs124 merged commit 7b764ae into NixOS:master May 19, 2023
@mweinelt mweinelt deleted the openssl_1_1_eol branch May 19, 2023 13:24
@PedroHLC
Copy link
Member

PedroHLC commented May 20, 2023
edited
Loading

Hey user, if you came here looking for what packages have brought you to the insecure side of the force, it's either:

  • sublime4
  • you have the latest elixir, but the minimum OTP is set to 23, and now you need to upgrade it to erlang 24+
  • powershell
  • kotatogram
  • ruby (interpreter) older than 3.0
  • ruby's openssl gem
  • older php than 8.1
  • appflowy
  • aws-workspace
  • common-lisp ssl and async-ssl
  • intel's ipp-crypto and linux-sgx
  • viber (instant-messenger)
  • runescape-launcher
  • azure-static-sites-client
  • home-assistant-chip-core

(I may be wrong on a few)

You can try:

NIXPKGS_ALLOW_INSECURE=1 nix why-depends --impure \
  ".#nixosConfigurations.$youroutputname.config.system.build.toplevel" \
  ".#nixosConfigurations.$youroutputname.pkgs.openssl_1_1"

Or just mark this package insecure and pray 🙏

@zhaofengli zhaofengli mentioned this pull request May 21, 2023
Merged
13 tasks
@nixos-discourse
Copy link

This pull request has been mentioned on NixOS Discourse. There might be relevant details there:

https://discourse.nixos.org/t/nixos-23-05-released/28649/11

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@RaitoBezarius RaitoBezarius RaitoBezarius approved these changes

Assignees
No one assigned
Labels
8.has: clean-up 10.rebuild-darwin: 0 This PR does not cause any packages to rebuild on Darwin 10.rebuild-linux: 0 This PR does not cause any packages to rebuild on Linux
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

openssl_1_1 mark as insecure/remove before 23.05 branchoff
5 participants
@mweinelt @PedroHLC @nixos-discourse @RaitoBezarius @ajs124