guix-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

OpenSSL 1.1.0c security update required


From: Leo Famulari
Subject: OpenSSL 1.1.0c security update required
Date: Thu, 10 Nov 2016 20:40:18 -0500
User-agent: Mutt/1.7.1 (2016-10-04)

OpenSSL 1.1.0c was released today. It fixes CVE-2016-{7053,7054,7055}:

https://www.openssl.org/news/secadv/20161110.txt

This version of OpenSSL is *not* currently used by any packages, so it's
not a critical "drop everything and get to work" update, in my opinion.

They changed how library runpaths are recorded at build time, and so our
packaging no longer works:

https://github.com/openssl/openssl/pull/1699

I can tackle it in the next few days if nobody else gets to it first.

Attachment: signature.asc
Description: PGP signature


reply via email to

[Prev in Thread] Current Thread [Next in Thread]