diff options
author | Marius Bakke <mbakke@fastmail.com> | 2017-11-02 22:11:25 +0100 |
---|---|---|
committer | Marius Bakke <mbakke@fastmail.com> | 2017-11-02 22:21:59 +0100 |
commit | 1df4f5c919937b60bfb21ac2a60d8f0a6737c421 (patch) | |
tree | caff980894804ee534e44f679ab0f1eb967ba28a /gnu/packages/tls.scm | |
parent | 22bf67d1f4681a0402deb184cfa6345af2fdfdfc (diff) | |
download | gnu-guix-1df4f5c919937b60bfb21ac2a60d8f0a6737c421.tar gnu-guix-1df4f5c919937b60bfb21ac2a60d8f0a6737c421.tar.gz |
gnu: openssl@1.0: Replace with 1.0.2m [fixes CVE-2017-3735, CVE-2017-2736].
* gnu/packages/tls.scm (openssl)[replacement]: New field.
(openssl-1.0.2m): New public variable.
Diffstat (limited to 'gnu/packages/tls.scm')
-rw-r--r-- | gnu/packages/tls.scm | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm index 075ea7a1c2..7611d4ec35 100644 --- a/gnu/packages/tls.scm +++ b/gnu/packages/tls.scm @@ -245,6 +245,7 @@ required structures.") (package (name "openssl") (version "1.0.2l") + (replacement openssl-1.0.2m) (source (origin (method url-fetch) (uri (list (string-append "ftp://ftp.openssl.org/source/" @@ -387,6 +388,25 @@ required structures.") (license license:openssl) (home-page "http://www.openssl.org/"))) +;; Fixes CVE-2017-3735 and CVE-2017-3736. +;; See <https://www.openssl.org/news/cl102.txt>. +(define-public openssl-1.0.2m + (package + (inherit openssl) + (version "1.0.2m") + (source (origin + (inherit (package-source openssl)) + (uri (list (string-append "https://www.openssl.org/source/openssl-" + version ".tar.gz") + (string-append "ftp://ftp.openssl.org/source/openssl-" + version ".tar.gz") + (string-append "ftp://ftp.openssl.org/source/old/" + (string-trim-right version char-set:letter) + "/openssl-" version ".tar.gz"))) + (sha256 + (base32 + "03vvlfnxx4lhxc83ikfdl6jqph4h52y7lb7li03va6dkqrgg2vwc")))))) + (define-public openssl-next (package (inherit openssl) |