diff options
author | Mark H Weaver <mhw@netris.org> | 2016-05-03 13:06:00 -0400 |
---|---|---|
committer | Mark H Weaver <mhw@netris.org> | 2016-05-03 13:31:50 -0400 |
commit | 3c1d2981ff0cc63c74d10e78fe9e2b056e9f4ac0 (patch) | |
tree | c4df997faababe5a79f3c5a3eccd9e8388aad341 /gnu/packages/tls.scm | |
parent | e760ec4187244c0960f21803abef1849c97a8203 (diff) | |
download | guix-3c1d2981ff0cc63c74d10e78fe9e2b056e9f4ac0.tar guix-3c1d2981ff0cc63c74d10e78fe9e2b056e9f4ac0.tar.gz |
gnu: openssl: Replace with 1.0.2h [security fixes].
Fixes CVE-2016-{2105,2106,2107,2109,2176}.
* gnu/packages/tls.scm (openssl)[replacement]: New field.
(openssl/fixed): New variable.
Diffstat (limited to 'gnu/packages/tls.scm')
-rw-r--r-- | gnu/packages/tls.scm | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm index 0f4441d70c..6685ee0349 100644 --- a/gnu/packages/tls.scm +++ b/gnu/packages/tls.scm @@ -198,6 +198,7 @@ required structures.") (package (name "openssl") (version "1.0.2g") + (replacement openssl/fixed) (source (origin (method url-fetch) (uri (list (string-append "ftp://ftp.openssl.org/source/" @@ -298,6 +299,25 @@ required structures.") (license license:openssl) (home-page "http://www.openssl.org/"))) +(define openssl/fixed + (package + (inherit openssl) + (source + (let ((name "openssl") + (version "1.0.2h")) + (origin + (method url-fetch) + (uri (list (string-append "ftp://ftp.openssl.org/source/" + name "-" version ".tar.gz") + (string-append "ftp://ftp.openssl.org/source/old/" + (string-trim-right version char-set:letter) + "/" name "-" version ".tar.gz"))) + (sha256 + (base32 + "06996ds1rk8xhnyb5y273a7xkcxhggp4bq1g02rab55d7bjhfh0x")) + (patches (search-patches "openssl-runpath.patch" + "openssl-c-rehash-in.patch"))))))) + (define-public libressl (package (name "libressl") |