[v1] doc: add recommendation to update to latest openssl version
Checks
Commit Message
Add recommendation to update to latest OpenSSL version when
using the OpenSSL PMD and to at least version 1.1.1g to avoid
known CVEs.
Signed-off-by: John McNamara <john.mcnamara@intel.com>
---
doc/guides/cryptodevs/openssl.rst | 24 +++++-------------------
1 file changed, 5 insertions(+), 19 deletions(-)
Comments
> Subject: [dpdk-dev] [PATCH v1] doc: add recommendation to update to latest
> openssl version
>
> Add recommendation to update to latest OpenSSL version when
> using the OpenSSL PMD and to at least version 1.1.1g to avoid
> known CVEs.
>
> Signed-off-by: John McNamara <john.mcnamara@intel.com>
> ---
Applied to dpdk-next-crypto
Thanks.
@@ -58,27 +58,13 @@ Supported Asymmetric Crypto algorithms:
Installation
------------
-To compile openssl PMD, appropriate openssl packages have to be installed
-in the build environment.
+To compile the OpenSSL PMD the openssl library must be installed. It will
+then be picked up by the Meson/Ninja build system.
-The newest openssl library version is supported:
+To ensure that you have the latest security fixes it is recommended that you
+use version 1.1.1g or newer.
-* 1.0.2h-fips 3 May 2016.
-
-Older versions that were also verified:
-
-* 1.0.1f 6 Jan 2014
-* 1.0.1 14 Mar 2012
-
-For Ubuntu 14.04 LTS these packages have to be installed in the build system:
-
-.. code-block:: console
-
- sudo apt-get install openssl
- sudo apt-get install libc6-dev-i386 # for i686-native-linux-gcc target
-
-This code was also verified on Fedora 24.
-This code has NOT been verified on FreeBSD yet.
+* 1.1.1g, 2020-Apr-21. https://www.openssl.org/source/
Initialization
--------------