From patchwork Mon Sep 25 20:17:00 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Christopher Baines X-Patchwork-Id: 54283 Return-Path: X-Original-To: patchwork@mira.cbaines.net Delivered-To: patchwork@mira.cbaines.net Received: by mira.cbaines.net (Postfix, from userid 113) id 0647B27BBEA; Mon, 25 Sep 2023 21:18:18 +0100 (BST) X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on mira.cbaines.net X-Spam-Level: X-Spam-Status: No, score=-2.9 required=5.0 tests=BAYES_00,MAILING_LIST_MULTI, SPF_HELO_PASS,URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.6 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mira.cbaines.net (Postfix) with ESMTPS id 31F3B27BBE2 for ; Mon, 25 Sep 2023 21:18:13 +0100 (BST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1qks1l-0006ZK-2n; Mon, 25 Sep 2023 16:17:57 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1qks1j-0006Z3-Dw for guix-patches@gnu.org; Mon, 25 Sep 2023 16:17:55 -0400 Received: from debbugs.gnu.org ([2001:470:142:5::43]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1qks1e-00035T-7Y for guix-patches@gnu.org; Mon, 25 Sep 2023 16:17:54 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1qks1q-0004NT-NO for guix-patches@gnu.org; Mon, 25 Sep 2023 16:18:02 -0400 X-Loop: help-debbugs@gnu.org Subject: [bug#66198] [PATCH] gnu: openssl-3.0: replace with 3.1.3. Resent-From: Christopher Baines Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Mon, 25 Sep 2023 20:18:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 66198 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 66198@debbugs.gnu.org X-Debbugs-Original-To: guix-patches@gnu.org Received: via spool by submit@debbugs.gnu.org id=B.169567305616787 (code B ref -1); Mon, 25 Sep 2023 20:18:02 +0000 Received: (at submit) by debbugs.gnu.org; 25 Sep 2023 20:17:36 +0000 Received: from localhost ([127.0.0.1]:46719 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1qks1Q-0004Md-Gi for submit@debbugs.gnu.org; Mon, 25 Sep 2023 16:17:36 -0400 Received: from lists.gnu.org ([2001:470:142::17]:41770) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1qks1M-0004ME-9Z for submit@debbugs.gnu.org; Mon, 25 Sep 2023 16:17:35 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1qks13-0006Vk-Kw for guix-patches@gnu.org; Mon, 25 Sep 2023 16:17:13 -0400 Received: from mira.cbaines.net ([212.71.252.8]) by eggs.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1qks0t-00032E-Uv for guix-patches@gnu.org; Mon, 25 Sep 2023 16:17:11 -0400 Received: from localhost (unknown [79.173.170.234]) by mira.cbaines.net (Postfix) with ESMTPSA id EB91327BBE2 for ; Mon, 25 Sep 2023 21:17:01 +0100 (BST) Received: from localhost (localhost [local]) by localhost (OpenSMTPD) with ESMTPA id 9501a8f1 for ; Mon, 25 Sep 2023 20:17:00 +0000 (UTC) From: Christopher Baines Date: Mon, 25 Sep 2023 21:17:00 +0100 Message-ID: <319db45acb202e19aaf6b6479a2bcbec1ba78980.1695673020.git.mail@cbaines.net> X-Mailer: git-send-email 2.41.0 MIME-Version: 1.0 Received-SPF: pass client-ip=212.71.252.8; envelope-from=mail@cbaines.net; helo=mira.cbaines.net X-Spam_score_int: -18 X-Spam_score: -1.9 X-Spam_bar: - X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, SPF_HELO_PASS=-0.001, T_SPF_TEMPERROR=0.01, UNPARSEABLE_RELAY=0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org Sender: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org X-getmail-retrieved-from-mailbox: Patches From: Sevan Janiyan Address various CVEs. * gnu/packages/tls.scm (openssl-3.1.3): New variable. (openssl-3.0)[replacement]: Use it. --- gnu/packages/tls.scm | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) base-commit: fafd3caef0d51811a5da81d6061789e2908b0dac diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm index b669ac2e8d..62af3589a7 100644 --- a/gnu/packages/tls.scm +++ b/gnu/packages/tls.scm @@ -571,6 +571,7 @@ (define-public openssl-3.0 (package (inherit openssl-1.1) (version "3.0.8") + (replacement openssl-3.1.3) (source (origin (method url-fetch) (uri (list (string-append "https://www.openssl.org/source/openssl-" @@ -605,6 +606,24 @@ (define-public openssl-3.0 (define-public openssl openssl-3.0) +(define-public openssl-3.1.3 + (package + (inherit openssl-3.0) + (version "3.1.3") + (source (origin + (method url-fetch) + (uri (list (string-append "https://www.openssl.org/source/openssl-" + version ".tar.gz") + (string-append "ftp://ftp.openssl.org/source/" + "openssl-" version ".tar.gz") + (string-append "ftp://ftp.openssl.org/source/old/" + (string-trim-right version char-set:letter) + "/openssl-" version ".tar.gz"))) + (patches (search-patches "openssl-3.0-c-rehash-in.patch")) + (sha256 + (base32 + "1xmc5s5ihapvj9k4d33qjch3104zd1c58i3n54sz5rw9plp6lcgh")))))) + (define-public bearssl (package (name "bearssl")