Skip to content

Patch openssl for CVE-2026-34182 [Critical] #17717

Open
Kanishk-Bansal wants to merge 4 commits into
fasttrack/3.0from
kanbansal/openssl/cp-3.3.7
Open

Patch openssl for CVE-2026-34182 [Critical] #17717
Kanishk-Bansal wants to merge 4 commits into
fasttrack/3.0from
kanbansal/openssl/cp-3.3.7

Conversation

@Kanishk-Bansal

@Kanishk-Bansal Kanishk-Bansal commented Jun 15, 2026

Copy link
Copy Markdown

cherry-pick ddbaebd
617a687

@Kanishk-Bansal Kanishk-Bansal requested review from a team as code owners June 15, 2026 05:41
@microsoft-github-policy-service microsoft-github-policy-service Bot added Packaging specs-extended PR to fix SPECS-EXTENDED fasttrack/3.0 PRs Destined for Azure Linux 3.0 labels Jun 15, 2026
@Kanishk-Bansal Kanishk-Bansal force-pushed the kanbansal/openssl/cp-3.3.7 branch from d61564c to 47beee9 Compare June 15, 2026 06:31
Patch openssl for CVE-2026-34182 [Critical]
6c3037a 
Signed-off-by: Kanishk Bansal <kanbansal@microsoft.com>
@Kanishk-Bansal Kanishk-Bansal force-pushed the kanbansal/openssl/cp-3.3.7 branch from 47beee9 to 6c3037a Compare June 15, 2026 08:43
@Kanishk-Bansal Kanishk-Bansal marked this pull request as draft June 15, 2026 12:02
@Kanishk-Bansal Kanishk-Bansal marked this pull request as ready for review June 15, 2026 13:55
@Kanishk-Bansal

Kanishk-Bansal commented Jun 15, 2026

Copy link
Copy Markdown
Author

Buddy Build

jslobodzian
jslobodzian reviewed Jun 15, 2026
View reviewed changes

@jslobodzian jslobodzian left a comment
edited
Loading

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Extended does not build through fasttrack for Azure Linux 3.0 because the extended repository itself does not build without errors. We cannot take the extended portions of this PR through fasttrack. But also, why are we making a change to the unsupported extended repository?

@Kanishk-Bansal

Kanishk-Bansal commented Jun 15, 2026

Copy link
Copy Markdown
Author

Extended does not build through fasttrack for Azure Linux 3.0 because the extended repository itself does not build without errors. We cannot take the extended portions of this PR through fasttrack. But also, why are we making a change to the unsupported extended repository?

Jon the extended ones are's already merged in 3.0-dev. I cherry-picked all in dev to ft and then applied patch for critical

christopherco
christopherco requested changes Jun 16, 2026
View reviewed changes

@christopherco christopherco left a comment
edited
Loading

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Waiting on #17737 to merge, then rebase this PR to only have the CVE fix

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jslobodzian jslobodzian jslobodzian left review comments

@christopherco christopherco christopherco requested changes

Requested changes must be addressed to merge this pull request.

Assignees

No one assigned

Labels

fasttrack/3.0 PRs Destined for Azure Linux 3.0 Packaging security specs-extended PR to fix SPECS-EXTENDED

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@Kanishk-Bansal @jslobodzian @christopherco @corvus-callidus @jykanase