[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
01/01: gnu: openssl: Update to 1.0.2g [fixes CVE-2016-{0800, 0705, 0798,
From: |
Mark H. Weaver |
Subject: |
01/01: gnu: openssl: Update to 1.0.2g [fixes CVE-2016-{0800, 0705, 0798, 0797, 0799, 0702, 0703, 0704}]. |
Date: |
Wed, 02 Mar 2016 00:26:06 +0000 |
mhw pushed a commit to branch security-updates
in repository guix.
commit b2e300c1401f045af97549295048f91a8092d2f8
Author: Mark H Weaver <address@hidden>
Date: Tue Mar 1 19:14:20 2016 -0500
gnu: openssl: Update to 1.0.2g [fixes
CVE-2016-{0800,0705,0798,0797,0799,0702,0703,0704}].
* gnu/packages/patches/openssl-c-rehash.patch: Delete file.
* gnu-system.am (dist_patch_DATA): Remove it.
* gnu/packages/tls.scm (openssl): Update to 1.0.2g.
---
gnu-system.am | 1 -
gnu/packages/patches/openssl-c-rehash.patch | 17 -----------------
gnu/packages/tls.scm | 27 +++------------------------
3 files changed, 3 insertions(+), 42 deletions(-)
diff --git a/gnu-system.am b/gnu-system.am
index 7cfc485..d2735db 100644
--- a/gnu-system.am
+++ b/gnu-system.am
@@ -630,7 +630,6 @@ dist_patch_DATA =
\
gnu/packages/patches/openjpeg-CVE-2015-6581.patch \
gnu/packages/patches/openjpeg-use-after-free-fix.patch \
gnu/packages/patches/openssl-runpath.patch \
- gnu/packages/patches/openssl-c-rehash.patch \
gnu/packages/patches/openssl-c-rehash-in.patch \
gnu/packages/patches/orpheus-cast-errors-and-includes.patch \
gnu/packages/patches/ots-no-include-missing-file.patch \
diff --git a/gnu/packages/patches/openssl-c-rehash.patch
b/gnu/packages/patches/openssl-c-rehash.patch
deleted file mode 100644
index f873a9a..0000000
--- a/gnu/packages/patches/openssl-c-rehash.patch
+++ /dev/null
@@ -1,17 +0,0 @@
-This patch removes the explicit reference to the 'perl' binary,
-such that OpenSSL does not retain a reference to Perl.
-
-The 'c_rehash' program is seldom used, but it is used nonetheless
-to create symbolic links to certificates, for instance in the 'nss-certs'
-package.
-
---- openssl-1.0.2d/tools/c_rehash 2015-09-09 18:36:07.313316482 +0200
-+++ openssl-1.0.2d/tools/c_rehash 2015-09-09 18:36:28.965458458 +0200
-@@ -1,4 +1,6 @@
--#!/usr/bin/perl
-+eval '(exit $?0)' && eval 'exec perl -wS "$0" ${1+"$@"}'
-+ & eval 'exec perl -wS "$0" $argv:q'
-+ if 0;
-
- # Perl c_rehash script, scan all files in a directory
- # and add symbolic links to their hash values.
diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm
index 11a59db..9a72bec 100644
--- a/gnu/packages/tls.scm
+++ b/gnu/packages/tls.scm
@@ -179,9 +179,8 @@ required structures.")
(define-public openssl
(package
- (replacement openssl-1.0.2g)
(name "openssl")
- (version "1.0.2f")
+ (version "1.0.2g")
(source (origin
(method url-fetch)
(uri (list (string-append "ftp://ftp.openssl.org/source/"
@@ -191,10 +190,10 @@ required structures.")
"/" name "-" version ".tar.gz")))
(sha256
(base32
- "171fkdg9v6j29d962nh6kb79kfm8kkhy7n9makw39d7jvvj4wawk"))
+ "0cxajjayi859czi545ddafi24m9nwsnjsw4q82zrmqvwj2rv315p"))
(patches (map search-patch
'("openssl-runpath.patch"
- "openssl-c-rehash.patch")))))
+ "openssl-c-rehash-in.patch")))))
(build-system gnu-build-system)
(native-inputs `(("perl" ,perl)))
(arguments
@@ -283,26 +282,6 @@ required structures.")
(license license:openssl)
(home-page "http://www.openssl.org/")))
-(define openssl-1.0.2g
- (package
- (inherit openssl)
- (replacement #f)
- (source
- (let ((name "openssl") (version "1.0.2g"))
- (origin
- (method url-fetch)
- (uri (list (string-append "ftp://ftp.openssl.org/source/"
- name "-" version ".tar.gz")
- (string-append "ftp://ftp.openssl.org/source/old/"
- (string-trim-right version char-set:letter)
- "/" name "-" version ".tar.gz")))
- (sha256
- (base32
- "0cxajjayi859czi545ddafi24m9nwsnjsw4q82zrmqvwj2rv315p"))
- (patches (map search-patch
- '("openssl-runpath.patch"
- "openssl-c-rehash-in.patch"))))))))
-
(define-public libressl
(package
(name "libressl")
- branch security-updates created (now b2e300c), Mark H. Weaver, 2016/03/01
- 01/01: gnu: openssl: Update to 1.0.2g [fixes CVE-2016-{0800, 0705, 0798, 0797, 0799, 0702, 0703, 0704}].,
Mark H. Weaver <=