[bug#46600] [PATCH] gnu: OpenSSL: Update to 1.1.1j [fixes CVE-2021-{23840, 23841}].

unofficial mirror of guix-patches@gnu.org 
 help / color / mirror / code / Atom feed

* [bug#46600] [PATCH] gnu: OpenSSL: Update to 1.1.1j [fixes CVE-2021-{23840, 23841}].
@ 2021-02-17 21:04 Leo Famulari
  0 siblings, 0 replies; only message in thread
From: Leo Famulari @ 2021-02-17 21:04 UTC (permalink / raw)
  To: 46600

There is no fix for these issues available for OpenSSL 1.0.2.

* gnu/packages/tls.scm (openssl-1.1.1j): New variable.
(openssl)[replacement]: New field.
---
 gnu/packages/tls.scm | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm
index 775e915534..e00ec90221 100644
--- a/gnu/packages/tls.scm
+++ b/gnu/packages/tls.scm
@@ -287,6 +287,7 @@ required structures.")
 (define-public openssl
   (package
    (name "openssl")
+   (replacement openssl-1.1.1j)
    (version "1.1.1i")
    (source (origin
              (method url-fetch)
@@ -419,6 +420,24 @@ required structures.")
    (license license:openssl)
    (home-page "https://www.openssl.org/")))
 
+(define-public openssl-1.1.1j
+  (package
+    (inherit openssl)
+    (version "1.1.1j")
+    (source (origin
+              (method url-fetch)
+              (uri (list (string-append "https://www.openssl.org/source/openssl-"
+                                        version ".tar.gz")
+                         (string-append "ftp://ftp.openssl.org/source/"
+                                        "openssl-" version ".tar.gz")
+                         (string-append "ftp://ftp.openssl.org/source/old/"
+                                        (string-trim-right version char-set:letter)
+                                        "/openssl-" version ".tar.gz")))
+              (patches (search-patches "openssl-1.1-c-rehash-in.patch"))
+              (sha256
+               (base32
+                "1gw17520vh13izy1xf5q0a2fqgcayymjjj5bk0dlkxndfnszrwma"))))))
+
 (define-public openssl-1.0
   (package
     (inherit openssl)
-- 
2.30.1





^ permalink raw reply related	[flat|nested] only message in thread

only message in thread, other threads:[~2021-02-17 21:43 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-02-17 21:04 [bug#46600] [PATCH] gnu: OpenSSL: Update to 1.1.1j [fixes CVE-2021-{23840, 23841}] Leo Famulari

Code repositories for project(s) associated with this public inbox

	https://git.savannah.gnu.org/cgit/guix.git

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).