linux centos8升级openssl 3.0.8版本全过程
Noteworthy Changes Since 10.3-RC1 ：
- Under certain circumstances, `zfs send -i`, i. e. incremental ZFS
send, could lead to data corruption, which has been addressed by
importing an upstream fix.
- Boot loaders and kernel have been taught to handle ELF sections of
type SHT_AMD64_UNWIND just the same as SHT_PROGBITS when loading
modules. While not directly relevant for 10.3-RELEASE, clang as of
version 3.8 started to produce sections of the former type in amd64
modules. Thus, this changes will simplify upgrades from 10.3-RELEASE
to 11.0-RELEASE later on.
- As part of closing or syncing a hash(3)-based database file, fsync(2)
now is called on the latter. This ensures that changes are on disk
when shutting down a machine, which previously was not always the case
with soft updates in place. Additionally, this change allowed removal
of O_SYNC in the dbopen(3) calls of cap_mkdb(1), pwd_mkdb(8) as well
as services_mkdb(8), speeding these up on large database files.
- A fix for CVE-2016-3115, and
- the re-addition of AES-CBC ciphers to the default server proposal
list. These have been removed as part of the previous upgrade to
OpenSSH version 7.1p2, breaking e. g. lightweight clients making
still use of AES-CBC ciphers in order to be able to employ hardware