From: Leo Famulari <leo@famulari.name>
To: guix-devel@gnu.org
Subject: [PATCH 1/2] gnu: openssl: Replace with openssl-1.0.2k [security fixes].
Date: Thu, 26 Jan 2017 14:19:35 -0500 [thread overview]
Message-ID: <409b2797fc83313fb323babb026da90f444701fa.1485458347.git.leo@famulari.name> (raw)
In-Reply-To: <cover.1485458347.git.leo@famulari.name>
In-Reply-To: <cover.1485458347.git.leo@famulari.name>
Fix CVE-2016-7055 and CVE-2017-{3731,3732}.
* gnu/packages/tls.scm (openssl)[replacement]: New field.
(openssl-1.0.2k): New variable.
(openssl-next)[replacement]: New field.
---
gnu/packages/tls.scm | 21 +++++++++++++++++++++
1 file changed, 21 insertions(+)
diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm
index 1198eb7d0..d2abf1223 100644
--- a/gnu/packages/tls.scm
+++ b/gnu/packages/tls.scm
@@ -244,6 +244,7 @@ required structures.")
(define-public openssl
(package
(name "openssl")
+ (replacement openssl-1.0.2k)
(version "1.0.2j")
(source (origin
(method url-fetch)
@@ -381,9 +382,29 @@ required structures.")
(license license:openssl)
(home-page "http://www.openssl.org/")))
+(define openssl-1.0.2k
+ (package
+ (inherit openssl)
+ (name "openssl")
+ (version "1.0.2k")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (list (string-append "ftp://ftp.openssl.org/source/"
+ name "-" version ".tar.gz")
+ (string-append "ftp://ftp.openssl.org/source/old/"
+ (string-trim-right version char-set:letter)
+ "/" name "-" version ".tar.gz")))
+ (sha256
+ (base32
+ "1h6qi35w6hv6rd73p4cdgdzg732pdrfgpp37cgwz1v9a3z37ffbb"))
+ (patches (search-patches "openssl-runpath.patch"
+ "openssl-c-rehash-in.patch"))))))
+
(define-public openssl-next
(package
(inherit openssl)
+ (replacement #f)
(name "openssl")
(version "1.1.0c")
(source (origin
--
2.11.0
next prev parent reply other threads:[~2017-01-26 19:19 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-01-26 19:19 [PATCH 0/2] OpenSSL security updates Leo Famulari
2017-01-26 19:19 ` Leo Famulari [this message]
2017-01-26 19:22 ` [PATCH 1/2] gnu: openssl: Replace with openssl-1.0.2k [security fixes] Leo Famulari
2017-01-26 19:19 ` [PATCH 2/2] gnu: openssl-next: Update to 1.1.0d [fixes CVE-2017-{3730, 3731, 3732}] Leo Famulari
2017-01-26 19:21 ` [PATCH 2/2] gnu: openssl-next: Update to 1.1.0d [fixes CVE-2017-{3730,3731,3732}] Leo Famulari
2017-01-26 21:43 ` [PATCH 0/2] OpenSSL security updates Marius Bakke
2017-01-26 23:53 ` Leo Famulari
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://guix.gnu.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=409b2797fc83313fb323babb026da90f444701fa.1485458347.git.leo@famulari.name \
--to=leo@famulari.name \
--cc=guix-devel@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).