Closed
Bug 1427266
Opened 6 years ago
Closed 6 years ago
Statically link libdmg-hfsplus against openssl
Categories
(Firefox Build System :: General, enhancement)
Firefox Build System
General
Tracking
(firefox59 fixed)
RESOLVED
FIXED
mozilla59
Tracking | Status | |
---|---|---|
firefox59 | --- | fixed |
People
(Reporter: glandium, Assigned: glandium)
References
Details
Attachments
(1 file)
No description provided.
Comment hidden (mozreview-request) |
Assignee | ||
Comment 2•6 years ago
|
||
mozreview-review |
Comment on attachment 8939011 [details] Bug 1427266 - Statically link libdmg-hfsplus against OpenSSL. https://reviewboard.mozilla.org/r/209452/#review215160 ::: taskcluster/scripts/misc/build-libdmg-hfsplus.sh:16 (Diff revision 1) > # There's no single well-maintained fork of libdmg-hfsplus, so we forked > # https://github.com/andreas56/libdmg-hfsplus/ to get a specific version and > # backport some patches. > : LIBDMG_REPOSITORY ${LIBDMG_REPOSITORY:=https://github.com/mozilla/libdmg-hfsplus} > # The `mozilla` branch contains our fork. > -: LIBDMG_REV ${LIBDMG_REV:=ba04b00435a0853f1499d751617177828ee8ec00} > +: LIBDMG_REV ${LIBDMG_REV:=2ee327795680101d36f9700bd0fb618362237718} Note this assumes https://github.com/mozilla/libdmg-hfsplus/pull/1 is merged with a fast-forward.
Updated•6 years ago
|
Attachment #8939011 -
Flags: review?(core-build-config-reviews)
Comment 3•6 years ago
|
||
mozreview-review |
Comment on attachment 8939011 [details] Bug 1427266 - Statically link libdmg-hfsplus against OpenSSL. https://reviewboard.mozilla.org/r/209452/#review215212 My main concern with statically linking openssl is weakening security by making it harder to upgrade openssl. But I don't see how this change increases our security risk given how libdmg-hfsplus is currently used (as a support library in a desired-to-be-deterministic Docker image).
Attachment #8939011 -
Flags: review+
Pushed by mh@glandium.org: https://hg.mozilla.org/integration/autoland/rev/78f2064b3811 Statically link libdmg-hfsplus against OpenSSL. r=gps
Backout by apavel@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/bbd42a73b04c Backed out 1 changesets for failing linux toolchain builds r=backout on a CLOSED TREE
Assignee | ||
Comment 6•6 years ago
|
||
Forgot this needs the libdmg-hfsplus PR to be merged first.
Comment 7•6 years ago
|
||
Backed out for failing linux toolchain builds r=backout on a CLOSED TREE push with failure: https://treeherder.mozilla.org/#/jobs?repo=autoland&revision=78f2064b3811db58b364c32ce9b58a3f2dcaf8f8 failure log: https://public-artifacts.taskcluster.net/PNBEe-fwStCIN3kY3qiw5g/0/public/logs/live_backing.log backout: https://hg.mozilla.org/integration/autoland/rev/bbd42a73b04c04ca7236a3a99d4340f480d9718f
Assignee | ||
Comment 8•6 years ago
|
||
Mike, can you merge https://github.com/mozilla/libdmg-hfsplus/pull/1 (a fast-forward would avoid having to change the patch in this bug)?
Flags: needinfo?(mshal)
Comment 10•6 years ago
|
||
Pushed by gszorc@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/aa3ac1aa5299 Statically link libdmg-hfsplus against OpenSSL. r=gps
Comment 11•6 years ago
|
||
bugherder |
https://hg.mozilla.org/mozilla-central/rev/aa3ac1aa5299
Status: NEW → RESOLVED
Closed: 6 years ago
status-firefox59:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla59
Updated•6 years ago
|
Product: Core → Firefox Build System
You need to log in
before you can comment on or make changes to this bug.
Description
•