Date: Mon, 6 Apr 2026 06:49:15 +0300 From: Dima Panov <fluffy@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org, Enji Cooper <ngie@FreeBSD.org> Subject: git: f25b8c9fb4f5 - main - openssl: import 3.5.5 Message-ID: <cf5397df-ac0b-4e08-8d70-a5be724c9792@FreeBSD.org> In-Reply-To: <697e7de2.42768.a2d8647@gitrepo.freebsd.org>
index | next in thread | previous in thread | raw e-mail
[-- Attachment #1 --] Hello! latest openssl 3.5.x updates in base missed openssl/ml_kem.h include to install Now we have consumers in portstree which use this include if detect openssl>=3.5 Check latest security/libssh: FAILED: [code=1] src/CMakeFiles/ssh.dir/mlkem_crypto.c.o /usr/local/libexec/ccache/cc -DLIBSSH_EXPORTS -I/wrkdirs/usr/ports/security/libssh/work/.build/src -I/wrkdirs/usr/ports/security/libssh/work/libssh-0.12.0/src -I/wrkdirs/usr/ports/security/libssh/work/l /wrkdirs/usr/ports/security/libssh/work/libssh-0.12.0/src/mlkem_crypto.c:31:10: fatal error: 'openssl/ml_kem.h' file not found 31 | #include <openssl/ml_kem.h> | ^~~~~~~~~~~~~~~~~~ 1 error generated. stable/15 is also affected On 01.02.2026 01:10, Enji Cooper wrote: > The branch main has been updated by ngie: > > URL: https://cgit.FreeBSD.org/src/commit/?id=f25b8c9fb4f58cf61adb47d7570abe7caa6d385d > > commit f25b8c9fb4f58cf61adb47d7570abe7caa6d385d > Merge: fe81e3944c08 808413da28df > Author: Enji Cooper <ngie@FreeBSD.org> > AuthorDate: 2026-01-31 22:00:39 +0000 > Commit: Enji Cooper <ngie@FreeBSD.org> > CommitDate: 2026-01-31 22:00:39 +0000 > > openssl: import 3.5.5 > > This change adds OpenSSL 3.5.5 from upstream [1]. > > The 3.5.5 artifact was been verified via PGP key [2] and by SHA256 checksum [3]. > > This is a security release, but also contains several bugfixes. All of > the CVE-worthy issues have already been addressed on the target > branch(es), so the net-result is that this is a bugfix release. > > More information about the release (from a high level) can be found in > the release notes [4]. > > MFC after: 1 week > > 1. https://github.com/openssl/openssl/releases/download/openssl-3.5.5/openssl-3.5.5.tar.gz > 2. https://github.com/openssl/openssl/releases/download/openssl-3.5.5/openssl-3.5.5.tar.gz.asc > 3. https://github.com/openssl/openssl/releases/download/openssl-3.5.5/openssl-3.5.5.tar.gz.sha256 > 4. https://github.com/openssl/openssl/blob/openssl-3.5.5/NEWS.md > > Merge commit '808413da28df9fb93e1f304e6016b15e660f54c8' > > -- Sincerely, Dima (fluffy@FreeBSD.org, https://t.me/FluffyBSD, @fluffy:matrix-dev.freebsd.org) (desktop, kde, x11, office, ports-secteam)@FreeBSD team [-- Attachment #2 --] <html><head><meta name="viewport" content="width=device-width, initial-scale=1.0, user-scalable=no"></head><body><div id="CanaryBody">Hello! <br> <br>latest openssl 3.5.x updates in base missed openssl/ml_kem.h include to install <br> <br>Now we have consumers in portstree which use this include if detect openssl>=3.5 <br> <br>Check latest security/libssh: <br> <br>FAILED: [code=1] src/CMakeFiles/ssh.dir/mlkem_crypto.c.o <br>/usr/local/libexec/ccache/cc -DLIBSSH_EXPORTS -I/wrkdirs/usr/ports/security/libssh/work/.build/src -I/wrkdirs/usr/ports/security/libssh/work/libssh-0.12.0/src -I/wrkdirs/usr/ports/security/libssh/work/l <br>/wrkdirs/usr/ports/security/libssh/work/libssh-0.12.0/src/mlkem_crypto.c:31:10: fatal error: 'openssl/ml_kem.h' file not found <br> 31 | #include <openssl/ml_kem.h> <br> | ^~~~~~~~~~~~~~~~~~ <br>1 error generated. <br> <br> <br>stable/15 is also affected <br> <br> <br>On 01.02.2026 01:10, Enji Cooper wrote: <br><blockquote type="cite">The branch main has been updated by ngie: <br> <br>URL: https://cgit.FreeBSD.org/src/commit/?id=f25b8c9fb4f58cf61adb47d7570abe7caa6d385d <br> <br>commit f25b8c9fb4f58cf61adb47d7570abe7caa6d385d <br>Merge: fe81e3944c08 808413da28df <br>Author: Enji Cooper <ngie@FreeBSD.org> <br>AuthorDate: 2026-01-31 22:00:39 +0000 <br>Commit: Enji Cooper <ngie@FreeBSD.org> <br>CommitDate: 2026-01-31 22:00:39 +0000 <br> <br>openssl: import 3.5.5 <br> <br>This change adds OpenSSL 3.5.5 from upstream [1]. <br> <br>The 3.5.5 artifact was been verified via PGP key [2] and by SHA256 checksum [3]. <br> <br>This is a security release, but also contains several bugfixes. All of <br>the CVE-worthy issues have already been addressed on the target <br>branch(es), so the net-result is that this is a bugfix release. <br> <br>More information about the release (from a high level) can be found in <br>the release notes [4]. <br> <br>MFC after: 1 week <br> <br>1. https://github.com/openssl/openssl/releases/download/openssl-3.5.5/openssl-3.5.5.tar.gz <br>2. https://github.com/openssl/openssl/releases/download/openssl-3.5.5/openssl-3.5.5.tar.gz.asc <br>3. https://github.com/openssl/openssl/releases/download/openssl-3.5.5/openssl-3.5.5.tar.gz.sha256 <br>4. https://github.com/openssl/openssl/blob/openssl-3.5.5/NEWS.md <br> <br>Merge commit '808413da28df9fb93e1f304e6016b15e660f54c8' <br> <br> <br></blockquote> <br>-- <br>Sincerely, <br>Dima (fluffy@FreeBSD.org, https://t.me/FluffyBSD, @fluffy:matrix-dev.freebsd.org) <br>(desktop, kde, x11, office, ports-secteam)@FreeBSD team <br> <br></div></body></html>home | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?cf5397df-ac0b-4e08-8d70-a5be724c9792>