[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH 0/1] OpenSSL 1.1.0
|
From: |
Leo Famulari |
|
Subject: |
Re: [PATCH 0/1] OpenSSL 1.1.0 |
|
Date: |
Sat, 3 Sep 2016 22:48:57 -0400 |
|
User-agent: |
Mutt/1.7.0 (2016-08-17) |
On Sat, Sep 03, 2016 at 10:20:49PM -0400, Leo Famulari wrote:
> On Sat, Sep 03, 2016 at 04:34:51PM +0200, Ludovic Courtès wrote:
> > Yes, but as long the ‘openssl’ refers to 1.0.x, it doesn’t really matter
> > than the “openssl” package points to the latest one, no? Use can still
> > run “guix package -i address@hidden if they want.
>
> Oh, right :)
>
> I've attached a patch for review.
By the way, if you run `guix lint`, you will see a warning about
CVE-2016-2183. I think we will be unaffected; this vulnerability will
only manifest if we build with "--enable-weak-ssl-ciphers".
https://www.openssl.org/blog/blog/2016/08/24/sweet32/
- [PATCH 0/1] OpenSSL 1.1.0, Leo Famulari, 2016/09/01
- [PATCH 1/1] gnu: openssl: Update to 1.1.0., Leo Famulari, 2016/09/01
- Re: [PATCH 0/1] OpenSSL 1.1.0, Ricardo Wurmus, 2016/09/02
- Re: [PATCH 0/1] OpenSSL 1.1.0, Ludovic Courtès, 2016/09/02
- Re: [PATCH 0/1] OpenSSL 1.1.0, Leo Famulari, 2016/09/02
- Re: [PATCH 0/1] OpenSSL 1.1.0, Leo Famulari, 2016/09/02
- Re: [PATCH 0/1] OpenSSL 1.1.0, Ludovic Courtès, 2016/09/03
- Re: [PATCH 0/1] OpenSSL 1.1.0, Leo Famulari, 2016/09/03
- Re: [PATCH 0/1] OpenSSL 1.1.0, Ludovic Courtès, 2016/09/03
- Re: [PATCH 0/1] OpenSSL 1.1.0, Leo Famulari, 2016/09/03
- Re: [PATCH 0/1] OpenSSL 1.1.0,
Leo Famulari <=
- Re: [PATCH 0/1] OpenSSL 1.1.0, Ludovic Courtès, 2016/09/05
- Re: [PATCH 0/1] OpenSSL 1.1.0, Leo Famulari, 2016/09/05
- Re: [PATCH 0/1] OpenSSL 1.1.0, Ludovic Courtès, 2016/09/06
- Re: [PATCH 0/1] OpenSSL 1.1.0, Leo Famulari, 2016/09/06