diff options
| author | Mark H Weaver <mhw@netris.org> | 2017-12-17 20:57:35 -0500 |
|---|---|---|
| committer | Mark H Weaver <mhw@netris.org> | 2017-12-17 21:10:45 -0500 |
| commit | 87dbb634a992e51fbcea86034a6c37f126a25a78 (patch) | |
| tree | 8492f390ae70054428e9ffe4c4ee4ee770d0e952 /gnu | |
| parent | 98cf8ca89a41329c00f0e895f599901e357a60f1 (diff) | |
| download | guix-87dbb634a992e51fbcea86034a6c37f126a25a78.tar guix-87dbb634a992e51fbcea86034a6c37f126a25a78.tar.gz | |
gnu: openssl: Update replacement to 1.0.2n [fixes CVE-2017-{3737,3738}].
* gnu/packages/tls.scm (openssl)[replacement]: Use openssl-1.0.2n.
(openssl-1.0.2m): Replace with ...
(openssl-1.0.2n): ... this updated version. Update comment.
Diffstat (limited to 'gnu')
| -rw-r--r-- | gnu/packages/tls.scm | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm index 9e2c1c6d49..75d8c9497e 100644 --- a/gnu/packages/tls.scm +++ b/gnu/packages/tls.scm @@ -255,7 +255,7 @@ required structures.") (package (name "openssl") (version "1.0.2l") - (replacement openssl-1.0.2m) + (replacement openssl-1.0.2n) (source (origin (method url-fetch) (uri (list (string-append "ftp://ftp.openssl.org/source/" @@ -398,12 +398,12 @@ required structures.") (license license:openssl) (home-page "http://www.openssl.org/"))) -;; Fixes CVE-2017-3735 and CVE-2017-3736. +;; Fixes CVE-2017-3735, CVE-2017-3736, CVE-2017-3737, and CVE-2017-3738. ;; See <https://www.openssl.org/news/cl102.txt>. -(define-public openssl-1.0.2m +(define-public openssl-1.0.2n (package (inherit openssl) - (version "1.0.2m") + (version "1.0.2n") (source (origin (inherit (package-source openssl)) (uri (list (string-append "https://www.openssl.org/source/openssl-" @@ -415,7 +415,7 @@ required structures.") "/openssl-" version ".tar.gz"))) (sha256 (base32 - "03vvlfnxx4lhxc83ikfdl6jqph4h52y7lb7li03va6dkqrgg2vwc")))))) + "1zm82pyq5a9jm10q6iv7d3dih3xwjds4x30fqph3k317byvsn2rp")))))) (define-public openssl-next (package |