From d87e547702bcffdf0eb3948409a94f146538afb8 Mon Sep 17 00:00:00 2001 From: Tobias Geerinckx-Rice Date: Wed, 15 Aug 2018 00:24:17 +0200 Subject: gnu: openssl@1.1: Update to 1.1.0i [fix CVE-2018-0737]. Also includes a fix for CVE-2018-0732, and a different approach to fixing CVE-2018-0495. * gnu/packages/tls.scm (openssl-next): Update to 1.1.0i. [sources]: Remove CVE patches. * gnu/packages/patches/openssl-1.1.0-CVE-2018-0495.patch: Delete... * gnu/packages/patches/openssl-1.1.0-CVE-2018-0732.patch: ...both files. * gnu/local.mk (dist_patch_DATA): Remove them. --- gnu/packages/tls.scm | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) (limited to 'gnu/packages/tls.scm') diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm index cafe71bd41..28d2ea5fd5 100644 --- a/gnu/packages/tls.scm +++ b/gnu/packages/tls.scm @@ -410,7 +410,7 @@ required structures.") (package (inherit openssl) (name "openssl") - (version "1.1.0h") + (version "1.1.0i") (source (origin (method url-fetch) (uri (list (string-append "https://www.openssl.org/source/openssl-" @@ -420,14 +420,12 @@ required structures.") (string-append "ftp://ftp.openssl.org/source/old/" (string-trim-right version char-set:letter) "/" name "-" version ".tar.gz"))) - (patches (search-patches "openssl-1.1.0-c-rehash-in.patch" - "openssl-1.1.0-CVE-2018-0495.patch" - "openssl-1.1.0-CVE-2018-0732.patch")) + (patches (search-patches "openssl-1.1.0-c-rehash-in.patch")) (sha256 (base32 - "05x509lccqjscgyi935z809pwfm708islypwhmjnb6cyvrn64daq")))) + "16fgaf113p6s5ixw227sycvihh3zx6f6rf0hvjjhxk68m12cigzb")))) (outputs '("out" - "doc" ;1.3MiB of man3 pages + "doc" ; 1.3MiB of man3 pages "static")) ; 5.5MiB of .a files (arguments (substitute-keyword-arguments (package-arguments openssl) -- cgit v1.2.3