[tor-bugs] #34149 [Applications/Tor Browser]: Revert the "fix" for OpenSSL CVE-2019-1552
Tor Bug Tracker & Wiki
blackhole at torproject.org
Fri May 8 15:55:27 UTC 2020
#34149: Revert the "fix" for OpenSSL CVE-2019-1552
--------------------------------------+--------------------------
Reporter: cypherpunks | Owner: tbb-team
Type: defect | Status: closed
Priority: Medium | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Resolution: wontfix
Keywords: tbb-rbm | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
--------------------------------------+--------------------------
Changes (by boklm):
* status: new => closed
* resolution: => wontfix
Comment:
Replying to [comment:2 boklm]:
> What do you suggest we do? Use `--prefix=C:\Windows\System32\SSL` on
Windows builds?
I tried that, but it fails with:
{{{
Directory given with --prefix MUST be absolute
}}}
Which is: https://github.com/openssl/openssl/issues/9520
Anyway I don't think we are affected by CVE-2019-1552 (for the reason
mentioned in ticket:31383#comment:16).
And I don't think there is any reason to revert
abdfbfdb3f4122300c3f3f5e745af1c74a559102.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/34149#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list