Closed liuh-80 closed 1 year ago
saiarcot895
commented
1 year ago I don't think the OpenSSH version should be bumped here, because if Debian pushes out an update, we'd need that update. From what I could tell on the sonic-buildimage side, it looks like the FIPS_VERSION field is used for downloading the binaries to be used. I updated that field in my PR in #34.
liuh-80
commented
1 year ago I don't think the OpenSSH version should be bumped here, because if Debian pushes out an update, we'd need that update. From what I could tell on the sonic-buildimage side, it looks like the
FIPS_VERSIONfield is used for downloading the binaries to be used. I updated that field in my PR in #34.
The version changed in #34 are: SYMCRYPT_OPENSSL_VERSION = 0.3 => 0.4 SYMCRYPTOPENSSL = symcrypt-openssl$(SYMCRYPT_OPENSSLVERSION)$(ARCH).deb
which seems not openssh version,
@xumia, we need update openssh deb package, do you think this PR is necessary?
liuh-80
commented
1 year ago The PR build break because openssh version are from debian side source code. and as saiarcot895 said, change openssh version is not a good choice. so will update PR with a different solution.
Update FIPS version for PR #38
Why I did it
new patch been added by PR so need update deb package version:
Export remote address to environment variable for TACACS authorization. https://github.com/sonic-net/sonic-fips/pull/38
How I did it
Update FIPS version in make file
How to verify it
Pass all E2E test.
Description for the changelog
Update FIPS version for PR #38