diff options
author | Leo Famulari <leo@famulari.name> | 2017-01-26 14:19:35 -0500 |
---|---|---|
committer | Marius Bakke <mbakke@fastmail.com> | 2017-01-26 22:26:12 +0100 |
commit | 544db93cafc3e0bf9a89623b8fed3a169958c1d3 (patch) | |
tree | 25a07f972ef5d3939cd3af650025df271f328b38 /gnu/packages/tls.scm | |
parent | 264ccbb31e0cffb2d71a465bec32adbdf7e20d06 (diff) | |
download | guix-544db93cafc3e0bf9a89623b8fed3a169958c1d3.tar guix-544db93cafc3e0bf9a89623b8fed3a169958c1d3.tar.gz |
gnu: openssl: Replace with openssl-1.0.2k [security fixes].
Fix CVE-2016-7055 and CVE-2017-{3731,3732}.
* gnu/packages/tls.scm (openssl)[replacement]: New field.
(openssl-1.0.2k): New variable.
(openssl-next)[replacement]: New field.
Signed-off-by: Marius Bakke <mbakke@fastmail.com>
Diffstat (limited to 'gnu/packages/tls.scm')
-rw-r--r-- | gnu/packages/tls.scm | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm index 252e53c840..0dd431cf99 100644 --- a/gnu/packages/tls.scm +++ b/gnu/packages/tls.scm @@ -244,6 +244,7 @@ required structures.") (define-public openssl (package (name "openssl") + (replacement openssl-1.0.2k) (version "1.0.2j") (source (origin (method url-fetch) @@ -381,9 +382,29 @@ required structures.") (license license:openssl) (home-page "http://www.openssl.org/"))) +(define openssl-1.0.2k + (package + (inherit openssl) + (name "openssl") + (version "1.0.2k") + (source + (origin + (method url-fetch) + (uri (list (string-append "ftp://ftp.openssl.org/source/" + name "-" version ".tar.gz") + (string-append "ftp://ftp.openssl.org/source/old/" + (string-trim-right version char-set:letter) + "/" name "-" version ".tar.gz"))) + (sha256 + (base32 + "1h6qi35w6hv6rd73p4cdgdzg732pdrfgpp37cgwz1v9a3z37ffbb")) + (patches (search-patches "openssl-runpath.patch" + "openssl-c-rehash-in.patch")))))) + (define-public openssl-next (package (inherit openssl) + (replacement #f) (name "openssl") (version "1.1.0c") (source (origin |