From: Leo Famulari <leo@famulari.name>
To: guix-devel@gnu.org
Subject: Re: [PATCH 1/2] gnu: openssl: Replace with openssl-1.0.2k [security fixes].
Date: Thu, 26 Jan 2017 14:22:18 -0500 [thread overview]
Message-ID: <20170126192218.GB31485@jasmine> (raw)
In-Reply-To: <409b2797fc83313fb323babb026da90f444701fa.1485458347.git.leo@famulari.name>
[-- Attachment #1: Type: text/plain, Size: 1907 bytes --]
On Thu, Jan 26, 2017 at 02:19:35PM -0500, Leo Famulari wrote:
> Fix CVE-2016-7055 and CVE-2017-{3731,3732}.
>
> * gnu/packages/tls.scm (openssl)[replacement]: New field.
> (openssl-1.0.2k): New variable.
> (openssl-next)[replacement]: New field.
I forgot to sign this email, too.
> ---
> gnu/packages/tls.scm | 21 +++++++++++++++++++++
> 1 file changed, 21 insertions(+)
>
> diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm
> index 1198eb7d0..d2abf1223 100644
> --- a/gnu/packages/tls.scm
> +++ b/gnu/packages/tls.scm
> @@ -244,6 +244,7 @@ required structures.")
> (define-public openssl
> (package
> (name "openssl")
> + (replacement openssl-1.0.2k)
> (version "1.0.2j")
> (source (origin
> (method url-fetch)
> @@ -381,9 +382,29 @@ required structures.")
> (license license:openssl)
> (home-page "http://www.openssl.org/")))
>
> +(define openssl-1.0.2k
> + (package
> + (inherit openssl)
> + (name "openssl")
> + (version "1.0.2k")
> + (source
> + (origin
> + (method url-fetch)
> + (uri (list (string-append "ftp://ftp.openssl.org/source/"
> + name "-" version ".tar.gz")
> + (string-append "ftp://ftp.openssl.org/source/old/"
> + (string-trim-right version char-set:letter)
> + "/" name "-" version ".tar.gz")))
> + (sha256
> + (base32
> + "1h6qi35w6hv6rd73p4cdgdzg732pdrfgpp37cgwz1v9a3z37ffbb"))
> + (patches (search-patches "openssl-runpath.patch"
> + "openssl-c-rehash-in.patch"))))))
> +
> (define-public openssl-next
> (package
> (inherit openssl)
> + (replacement #f)
> (name "openssl")
> (version "1.1.0c")
> (source (origin
> --
> 2.11.0
>
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
next prev parent reply other threads:[~2017-01-26 19:22 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-01-26 19:19 [PATCH 0/2] OpenSSL security updates Leo Famulari
2017-01-26 19:19 ` [PATCH 1/2] gnu: openssl: Replace with openssl-1.0.2k [security fixes] Leo Famulari
2017-01-26 19:22 ` Leo Famulari [this message]
2017-01-26 19:19 ` [PATCH 2/2] gnu: openssl-next: Update to 1.1.0d [fixes CVE-2017-{3730, 3731, 3732}] Leo Famulari
2017-01-26 19:21 ` [PATCH 2/2] gnu: openssl-next: Update to 1.1.0d [fixes CVE-2017-{3730,3731,3732}] Leo Famulari
2017-01-26 21:43 ` [PATCH 0/2] OpenSSL security updates Marius Bakke
2017-01-26 23:53 ` Leo Famulari
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://guix.gnu.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170126192218.GB31485@jasmine \
--to=leo@famulari.name \
--cc=guix-devel@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).