Build broken because of upstream apk issue in libxslt #1
Comments
|
Thanks, that affected quite a few of our builds. We are applying a temporary fix. In the meantime, do you mind reporting it to alpine linux since it's a larger upstream issue in their end? |
|
Yup, it's reported to Alpine at https://bugs.alpinelinux.org/issues/7082 - if you can chime in there that would probably help track it. |
|
I have an idea (but not confirmed) that this is CVE-2017-5029. |
|
Build looks like it's fixed, based on http://jenkins.linuxserver.io:8080/job/Dockers/job/LinuxServer.io-arm64/job/lsioarm64-nginx/8/ I'll keep tracking this upstream. |
|
While I'm here, are you building nginx with an SSL library that has arm64 hardware acceleration instruction support? I don't know if the hardware you are targeting has that in it, but there's opportunity for substantial (4x-16x) performance. (edited) |
|
@aptalca ^^^ |
|
@aptalc @sparklyballs I ask about arm64 asm because of this https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1552939 which says that the asm support was patched into Debian but not upstreamed. Their suggested benchmark is |
|
@vielmetti we are using the 3.5 repo version of openssl, which is 1.0.2k. It gets pulled during the nginx baseimage build: http://jenkins.linuxserver.io:8080/job/Dockers/job/BaseImages-arm64/job/lsiobase-alpine.nginx.arm64/lastSuccessfulBuild/console At first look, it doesn't seem like asm is enabled. Here's their source and apkbuild: https://github.com/alpinelinux/aports/blob/3.5-stable/main/openssl/APKBUILD |
|
@aptalca - I did some rudimentary tests and I think the 3.5 repo version of openssl is fine. My test benchmark is On my Packet 2A (Cavium ThunderX) machine, aarch64/alpine: Same machine, Ubuntu 16.04 LTS native, not in a container: Funny enough, the aarch64/debian image is pretty bad: Same machine, aarch64/debian Docker container: Now to figure out upstream where I can report this Debian performance bug! (But you're good.) |
|
Update on the original bug: https://bugs.alpinelinux.org/issues/7082 it looks like the index has been fixed, can you retry your original build without the edge config, @aptalca @sparklyballs ? |
|
This was resolved a while back. Forgot to close |
The Jenkins build is breaking for this repo
http://jenkins.linuxserver.io:8080/job/Dockers/job/LinuxServer.io-arm64/job/lsioarm64-nginx/6/
because of this upstream bug in Alpine Linux
https://bugs.alpinelinux.org/issues/7082
in the libxslt library:
libxslt, libxslt-dev package version mismatch in index and file url
On repository - 1.1.29-r1
http://dl-4.alpinelinux.org/alpine/v3.5/main/aarch64/libxslt-1.1.29-r1.apk
On index - 1.1.29-r0
http://dl-4.alpinelinux.org/alpine/v3.5/main/aarch64/APKINDEX.tar.gz
The text was updated successfully, but these errors were encountered: