aboutsummaryrefslogtreecommitdiff
path: root/gnu/packages/tls.scm
diff options
context:
space:
mode:
authorMark H Weaver <mhw@netris.org>2017-12-17 20:57:35 -0500
committerMark H Weaver <mhw@netris.org>2017-12-17 21:10:45 -0500
commit87dbb634a992e51fbcea86034a6c37f126a25a78 (patch)
tree8492f390ae70054428e9ffe4c4ee4ee770d0e952 /gnu/packages/tls.scm
parent98cf8ca89a41329c00f0e895f599901e357a60f1 (diff)
downloadguix-87dbb634a992e51fbcea86034a6c37f126a25a78.tar
guix-87dbb634a992e51fbcea86034a6c37f126a25a78.tar.gz
gnu: openssl: Update replacement to 1.0.2n [fixes CVE-2017-{3737,3738}].
* gnu/packages/tls.scm (openssl)[replacement]: Use openssl-1.0.2n. (openssl-1.0.2m): Replace with ... (openssl-1.0.2n): ... this updated version. Update comment.
Diffstat (limited to 'gnu/packages/tls.scm')
-rw-r--r--gnu/packages/tls.scm10
1 files changed, 5 insertions, 5 deletions
diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm
index 9e2c1c6d49..75d8c9497e 100644
--- a/gnu/packages/tls.scm
+++ b/gnu/packages/tls.scm
@@ -255,7 +255,7 @@ required structures.")
(package
(name "openssl")
(version "1.0.2l")
- (replacement openssl-1.0.2m)
+ (replacement openssl-1.0.2n)
(source (origin
(method url-fetch)
(uri (list (string-append "ftp://ftp.openssl.org/source/"
@@ -398,12 +398,12 @@ required structures.")
(license license:openssl)
(home-page "http://www.openssl.org/")))
-;; Fixes CVE-2017-3735 and CVE-2017-3736.
+;; Fixes CVE-2017-3735, CVE-2017-3736, CVE-2017-3737, and CVE-2017-3738.
;; See <https://www.openssl.org/news/cl102.txt>.
-(define-public openssl-1.0.2m
+(define-public openssl-1.0.2n
(package
(inherit openssl)
- (version "1.0.2m")
+ (version "1.0.2n")
(source (origin
(inherit (package-source openssl))
(uri (list (string-append "https://www.openssl.org/source/openssl-"
@@ -415,7 +415,7 @@ required structures.")
"/openssl-" version ".tar.gz")))
(sha256
(base32
- "03vvlfnxx4lhxc83ikfdl6jqph4h52y7lb7li03va6dkqrgg2vwc"))))))
+ "1zm82pyq5a9jm10q6iv7d3dih3xwjds4x30fqph3k317byvsn2rp"))))))
(define-public openssl-next
(package