commit 9dfa7cfe6c22c1bd46330130dbb8e537c66802ae
author Juan Pablo Conde <juanpablo.conde@arm.com> Tue Nov 15 15:01:35 2022 -0500
committer Juan Pablo Conde <juanpablo.conde@arm.com> Tue Nov 15 16:08:58 2022 -0500
tree 501b48c941103868d47240fa2feb98149e97e090
parent eac0e03a1c8988cd84ac2451ec1584b4ae987e6e

bionic-amd64-tf-a-build: update OpenSSL to v3.0.7

Earlier versions of OpenSSL 3 present an important security
vulnerability that is fixed in v3.0.7, so the CI environments have
to be updated accordingly.

This patch updates OpenSSL to v3.0.7.

Signed-off-by: Juan Pablo Conde <juanpablo.conde@arm.com>
Change-Id: I0a4848db5ef80c4d9012d12d43df8e61d2dd3e12

bionic-amd64-tf-a-build/tf-dependencies.install

diff --git a/bionic-amd64-tf-a-build/tf-dependencies.install b/bionic-amd64-tf-a-build/tf-dependencies.install
index ac399b2..6f43fe1 100755
--- a/bionic-amd64-tf-a-build/tf-dependencies.install
+++ b/bionic-amd64-tf-a-build/tf-dependencies.install
@@ -83,11 +83,11 @@
 rm -f *.zip
 
 # Install OpenSSL 3.0
-OPENSSL_VER="3.0.2"
+OPENSSL_VER="3.0.7"
 OPENSSL_DIRNAME="openssl-${OPENSSL_VER}"
 OPENSSL_FILENAME="openssl-${OPENSSL_VER}"
-OPENSSL_CHECKSUM="98e91ccead4d4756ae3c9cde5e09191a8e586d9f4d50838e7ec09d6411dfdb63"
-curl --connect-timeout 5 --retry 5 --create-dirs -fsSLo /tmp/${OPENSSL_FILENAME}.tar.gz \
+OPENSSL_CHECKSUM="83049d042a260e696f62406ac5c08bf706fd84383f945cf21bd61e9ed95c396e"
+curl --connect-timeout 5 --retry 5 --retry-delay 1 --create-dirs -fsSLo /tmp/${OPENSSL_FILENAME}.tar.gz \
   https://www.openssl.org/source/${OPENSSL_FILENAME}.tar.gz
 echo "${OPENSSL_CHECKSUM}  /tmp/${OPENSSL_FILENAME}.tar.gz" | sha256sum -c
 mkdir -p ${TOOLS_DIR}/${OPENSSL_DIRNAME} && tar -xzf /tmp/${OPENSSL_FILENAME}.tar.gz -C ${TOOLS_DIR}/${OPENSSL_DIRNAME} --strip-components=1