From mboxrd@z Thu Jan 1 00:00:00 1970 From: Leo Famulari Subject: [PATCH 0/2] OpenSSL security updates Date: Thu, 26 Jan 2017 14:19:34 -0500 Message-ID: Return-path: Received: from eggs.gnu.org ([2001:4830:134:3::10]:41306) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cWpaG-00005J-Ll for guix-devel@gnu.org; Thu, 26 Jan 2017 14:19:50 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cWpaB-0002Ad-Kb for guix-devel@gnu.org; Thu, 26 Jan 2017 14:19:48 -0500 Received: from out1-smtp.messagingengine.com ([66.111.4.25]:59590) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1cWpaB-00029o-21 for guix-devel@gnu.org; Thu, 26 Jan 2017 14:19:43 -0500 Received: from localhost.localdomain (c-73-188-17-148.hsd1.pa.comcast.net [73.188.17.148]) by mail.messagingengine.com (Postfix) with ESMTPA id EBFFE24519 for ; Thu, 26 Jan 2017 14:19:41 -0500 (EST) List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org Sender: "Guix-devel" To: guix-devel@gnu.org OpenSSL 1.0 and 1.1 have both received security updates: https://mta.openssl.org/pipermail/openssl-announce/2017-January/000094.html I built the updated packages successfully but I don't have time to test them. Please test these and push on my behalf. Please verify the signatures and hashes of the source code, and read over the patches to make sure they are correct. Leo Famulari (2): gnu: openssl: Replace with openssl-1.0.2k [security fixes]. gnu: openssl-next: Update to 1.1.0d [fixes CVE-2017-{3730,3731,3732}]. gnu/packages/tls.scm | 25 +++++++++++++++++++++++-- 1 file changed, 23 insertions(+), 2 deletions(-) -- 2.11.0