diff options
| author | Marius Bakke <mbakke@fastmail.com> | 2019-10-13 20:50:18 +0200 |
|---|---|---|
| committer | Marius Bakke <mbakke@fastmail.com> | 2019-10-13 22:49:16 +0200 |
| commit | d6718086f8904c72eb97a8c274cd156a9c08072a (patch) | |
| tree | 18b4280005adf4d861141a8a76123908686fbda4 /gnu/packages/tls.scm | |
| parent | 0475c88d6f751eac63a928e3a4fd367f2251eb89 (diff) | |
| download | guix-d6718086f8904c72eb97a8c274cd156a9c08072a.tar guix-d6718086f8904c72eb97a8c274cd156a9c08072a.tar.gz | |
gnu: OpenSSL@1.0: Replace with 1.0.2t [fixes CVE-2019-1547, CVE-2019-1563].
* gnu/packages/tls.scm (openssl-1.0.2t): New variable.
(openssl-1.0)[replacement]: New field.
Diffstat (limited to 'gnu/packages/tls.scm')
| -rw-r--r-- | gnu/packages/tls.scm | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm index c45767c1b3..2def6ee703 100644 --- a/gnu/packages/tls.scm +++ b/gnu/packages/tls.scm @@ -392,6 +392,7 @@ required structures.") (inherit openssl) (name "openssl") (version "1.0.2s") + (replacement openssl-1.0.2t) (source (origin (method url-fetch) (uri (list (string-append "https://www.openssl.org/source/openssl-" @@ -473,6 +474,27 @@ required structures.") ,version "/misc")) #t))))))))) +(define openssl-1.0.2t + (package + (inherit openssl) + (version "1.0.2t") + (source (origin + (inherit (package-source openssl-1.0)) + (uri (list (string-append "https://www.openssl.org/source/openssl-" + version ".tar.gz") + (string-append "ftp://ftp.openssl.org/source/" + "openssl-" version ".tar.gz") + (string-append "ftp://ftp.openssl.org/source/old/" + (string-trim-right version char-set:letter) + "/openssl-" version ".tar.gz"))) + (sha256 + (base32 + "1g67ra0ph7gpz6fgvv1i96d792jmd6ymci5kk53vbikszr74djql")))) + (arguments + (substitute-keyword-arguments (package-arguments openssl-1.0) + ;; Parallel build is not supported in 1.0.x. + ((#:parallel-build? _ #f) #f))))) + (define-public libressl (package (name "libressl") |