nixo
/
guix-devel
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

gnu: openssl: Replace with OpenSSL 1.0.2o [fixes CVE-2018-0739]. 

* gnu/packages/tls.scm (openssl)[replacement]: New field.
(openssl-1.0.2o): New variable.
This commit is contained in:
Leo Famulari 2018-03-27 16:01:56 -04:00
parent 1cde746700
commit 590bdc149b
No known key found for this signature in database
GPG Key ID: 2646FA30BACA7F08
1 changed files with 22 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
gnu/packages/tls.scm
View File

@ -255,6 +255,7 @@ required structures.")
(define-public openssl (define-public openssl
(package (package
(name "openssl") (name "openssl")
(replacement openssl-1.0.2o)
(version "1.0.2n") (version "1.0.2n")
(source (origin (source (origin
(method url-fetch) (method url-fetch)
@ -399,6 +400,27 @@ required structures.")
(license license:openssl) (license license:openssl)
(home-page "https://www.openssl.org/"))) (home-page "https://www.openssl.org/")))
(define openssl-1.0.2o
(package
(inherit openssl)
(name "openssl")
(version "1.0.2o")
(source (origin
(inherit (package-source openssl))
(uri (list (string-append "https://www.openssl.org/source/openssl-"
version ".tar.gz")
(string-append "ftp://ftp.openssl.org/source/"
name "-" version ".tar.gz")
(string-append "ftp://ftp.openssl.org/source/old/"
(string-trim-right version char-set:letter)
"/" name "-" version ".tar.gz")))
(sha256
(base32
"0kcy13l701054nhpbd901mz32v1kn4g311z0nifd83xs2jbmqgzc"))
;; Erase the inherited snippet, which isn't applicable to
;; OpenSSL 1.0.2o.
(snippet #f)))))
(define-public openssl-next (define-public openssl-next
(package (package
(inherit openssl) (inherit openssl)