From cbcbb10a63edd3cab85db375074c56d12e15abd8 Mon Sep 17 00:00:00 2001 From: Marius Bakke Date: Thu, 22 Mar 2018 14:14:09 +0100 Subject: gnu: certbot: Update to 0.22.2. * gnu/packages/tls.scm (python-acme, certbot): Update to 0.22.2. --- gnu/packages/tls.scm | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'gnu/packages/tls.scm') diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm index e349cff233..f56d5b27fa 100644 --- a/gnu/packages/tls.scm +++ b/gnu/packages/tls.scm @@ -512,13 +512,13 @@ netcat implementation that supports TLS.") (package (name "python-acme") ;; Remember to update the hash of certbot when updating python-acme. - (version "0.22.1") + (version "0.22.2") (source (origin (method url-fetch) (uri (pypi-uri "acme" version)) (sha256 (base32 - "0cbw062xmaqhmdb5d04d2xs9aacmq1i7yvnd37gw1d71qgxlnmsz")))) + "1d5d4w88aj1i8fyrs44dapmiqbmgz4bjgryn8k3mnggmd6ihxk8f")))) (build-system python-build-system) (arguments `(#:phases @@ -567,7 +567,7 @@ netcat implementation that supports TLS.") (uri (pypi-uri name version)) (sha256 (base32 - "1d9abvlwi2d4d991dakds7jyrzxcsqkl13sd0clkriav9cdqwhv4")))) + "1vsb8qqghxrwxr3d2l0d5cgdk0pz7b3f76bx3zrrg0z7jf967qz6")))) (build-system python-build-system) (arguments `(,@(substitute-keyword-arguments (package-arguments python-acme) -- cgit v1.2.3 From 0741932bc4bd183b45425aec073e1b8bd14f3d85 Mon Sep 17 00:00:00 2001 From: Nils Gillmann Date: Sat, 24 Mar 2018 12:22:49 +0000 Subject: gnu: libressl: Update to 2.7.1. * gnu/packages/tls.scm (libressl): Update to 2.7.1. Signed-off-by: Nils Gillmann Signed-off-by: Marius Bakke --- gnu/packages/tls.scm | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'gnu/packages/tls.scm') diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm index f56d5b27fa..b109a2a882 100644 --- a/gnu/packages/tls.scm +++ b/gnu/packages/tls.scm @@ -6,7 +6,7 @@ ;;; Copyright © 2015 David Thompson ;;; Copyright © 2015, 2016, 2017 Leo Famulari ;;; Copyright © 2016, 2017 Efraim Flashner -;;; Copyright © 2016, 2017 Nils Gillmann +;;; Copyright © 2016, 2017, 2018 Nils Gillmann ;;; Copyright © 2016 Hartmut Goebel ;;; Copyright © 2017 Ricardo Wurmus ;;; Copyright © 2017 Marius Bakke @@ -468,14 +468,14 @@ required structures.") (define-public libressl (package (name "libressl") - (version "2.6.4") + (version "2.7.1") (source (origin (method url-fetch) (uri (string-append "mirror://openbsd/LibreSSL/" name "-" version ".tar.gz")) (sha256 (base32 - "07yi37a2ghsgj2b4w30q1s4d2inqnix7ika1m21y57p9z71212k3")))) + "0w3hdgcr4cq84cv7wkkg2clz9s6l2m2l92d6mfn70wxs6vi0fxck")))) (build-system gnu-build-system) (arguments ;; Do as if 'getentropy' was missing since older Linux kernels lack it -- cgit v1.2.3 From 0fc3af7d8872129a3497c6fc62f24205d29728c1 Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Tue, 27 Mar 2018 15:41:00 -0400 Subject: gnu: openssl@1.1.0: Update to 1.1.0h [security fixes]. Fixes CVE-2017-3738 and CVE-2018-{0733,0739}. * gnu/packages/tls.scm (openssl-next): Update to 1.1.0h. --- gnu/packages/tls.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'gnu/packages/tls.scm') diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm index b109a2a882..74843c0a96 100644 --- a/gnu/packages/tls.scm +++ b/gnu/packages/tls.scm @@ -403,7 +403,7 @@ required structures.") (package (inherit openssl) (name "openssl") - (version "1.1.0g") + (version "1.1.0h") (source (origin (method url-fetch) (uri (list (string-append "https://www.openssl.org/source/openssl-" @@ -416,7 +416,7 @@ required structures.") (patches (search-patches "openssl-1.1.0-c-rehash-in.patch")) (sha256 (base32 - "1bvka2wf33w2vxv7yw578nnjqyhz2b3chvfb0l4k2ffscw950kfy")))) + "05x509lccqjscgyi935z809pwfm708islypwhmjnb6cyvrn64daq")))) (outputs '("out" "doc" ;1.3MiB of man3 pages "static")) ; 5.5MiB of .a files -- cgit v1.2.3 From 590bdc149b28e03cfd1668e8026919e89e61f00f Mon Sep 17 00:00:00 2001 From: Leo Famulari Date: Tue, 27 Mar 2018 16:01:56 -0400 Subject: gnu: openssl: Replace with OpenSSL 1.0.2o [fixes CVE-2018-0739]. * gnu/packages/tls.scm (openssl)[replacement]: New field. (openssl-1.0.2o): New variable. --- gnu/packages/tls.scm | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) (limited to 'gnu/packages/tls.scm') diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm index 74843c0a96..79bf884259 100644 --- a/gnu/packages/tls.scm +++ b/gnu/packages/tls.scm @@ -255,6 +255,7 @@ required structures.") (define-public openssl (package (name "openssl") + (replacement openssl-1.0.2o) (version "1.0.2n") (source (origin (method url-fetch) @@ -399,6 +400,27 @@ required structures.") (license license:openssl) (home-page "https://www.openssl.org/"))) +(define openssl-1.0.2o + (package + (inherit openssl) + (name "openssl") + (version "1.0.2o") + (source (origin + (inherit (package-source openssl)) + (uri (list (string-append "https://www.openssl.org/source/openssl-" + version ".tar.gz") + (string-append "ftp://ftp.openssl.org/source/" + name "-" version ".tar.gz") + (string-append "ftp://ftp.openssl.org/source/old/" + (string-trim-right version char-set:letter) + "/" name "-" version ".tar.gz"))) + (sha256 + (base32 + "0kcy13l701054nhpbd901mz32v1kn4g311z0nifd83xs2jbmqgzc")) + ;; Erase the inherited snippet, which isn't applicable to + ;; OpenSSL 1.0.2o. + (snippet #f))))) + (define-public openssl-next (package (inherit openssl) -- cgit v1.2.3