You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
OpenSSL v3 has an issue on 64bit Intel environments (not currently a target runtime for Herald for C++). We need to ensure we're using a version that is patched (no releases currently are) before we release support for Intel 64bit as a target (non-development) runtime.
Severity (Project team may edit this section after reporting)
Severe on Intel 64 bit (currently not a supported target environment, only for dev).
We're currently not using these algorithms in Herald. We only use SHA256 (and only as one of many options) and only on non-Intel platforms as a target environment. (Currently we use Intel 64bit as a test environment for automated CI only. This may change in a future release - E.g. if we choose to support Linux PinePhone / desktop.).
Describe the potential solution you'd like
Adopt a fixed release of openssl 3.x when available (it's not currently)
Describe alternatives you've considered
Documenting only (as its not currently a target runtime environment).
Additional context
Add any other context about the problem here.
NONE
Notification
DO NOT MODIFY THE BELOW - it will alert the maintainers once you submit your report.
@theheraldproject/committers
The text was updated successfully, but these errors were encountered:
Describe the security concern
OpenSSL v3 has an issue on 64bit Intel environments (not currently a target runtime for Herald for C++). We need to ensure we're using a version that is patched (no releases currently are) before we release support for Intel 64bit as a target (non-development) runtime.
Severity (Project team may edit this section after reporting)
Severe on Intel 64 bit (currently not a supported target environment, only for dev).
https://guidovranken.com/2022/06/27/notes-on-openssl-remote-memory-corruption/
We're currently not using these algorithms in Herald. We only use SHA256 (and only as one of many options) and only on non-Intel platforms as a target environment. (Currently we use Intel 64bit as a test environment for automated CI only. This may change in a future release - E.g. if we choose to support Linux PinePhone / desktop.).
Describe the potential solution you'd like
Adopt a fixed release of openssl 3.x when available (it's not currently)
Describe alternatives you've considered
Documenting only (as its not currently a target runtime environment).
Additional context
Add any other context about the problem here.
NONE
Notification
DO NOT MODIFY THE BELOW - it will alert the maintainers once you submit your report.
@theheraldproject/committers
The text was updated successfully, but these errors were encountered: