From patchwork Tue Aug 24 15:56:44 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Leo Famulari X-Patchwork-Id: 32244 Return-Path: X-Original-To: patchwork@mira.cbaines.net Delivered-To: patchwork@mira.cbaines.net Received: by mira.cbaines.net (Postfix, from userid 113) id D583627BC6B; Tue, 24 Aug 2021 16:58:10 +0100 (BST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on mira.cbaines.net X-Spam-Level: X-Spam-Status: No, score=-2.8 required=5.0 tests=BAYES_00,DKIM_SIGNED, MAILING_LIST_MULTI,RCVD_IN_MSPIKE_H2,SPF_HELO_PASS,T_DKIM_INVALID, URIBL_BLOCKED autolearn=unavailable autolearn_force=no version=3.4.2 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mira.cbaines.net (Postfix) with ESMTPS id 9A5D227BC78 for ; Tue, 24 Aug 2021 16:58:09 +0100 (BST) Received: from localhost ([::1]:35376 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1mIYoS-0002Vz-JT for patchwork@mira.cbaines.net; Tue, 24 Aug 2021 11:58:08 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:46902) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1mIYoM-0002Vp-7N for guix-patches@gnu.org; Tue, 24 Aug 2021 11:58:02 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:33511) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1mIYoL-0002KF-Vz for guix-patches@gnu.org; Tue, 24 Aug 2021 11:58:01 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1mIYoL-00078x-SZ for guix-patches@gnu.org; Tue, 24 Aug 2021 11:58:01 -0400 X-Loop: help-debbugs@gnu.org Subject: [bug#50188] [PATCH] gnu: OpenSSL: Update to 1.1.1l [security fixes]. Resent-From: Leo Famulari Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Tue, 24 Aug 2021 15:58:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 50188 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 50188@debbugs.gnu.org X-Debbugs-Original-To: guix-patches@gnu.org Received: via spool by submit@debbugs.gnu.org id=B.162982062527384 (code B ref -1); Tue, 24 Aug 2021 15:58:01 +0000 Received: (at submit) by debbugs.gnu.org; 24 Aug 2021 15:57:05 +0000 Received: from localhost ([127.0.0.1]:45057 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1mIYnR-00077c-02 for submit@debbugs.gnu.org; Tue, 24 Aug 2021 11:57:05 -0400 Received: from lists.gnu.org ([209.51.188.17]:38766) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1mIYnP-00077U-CM for submit@debbugs.gnu.org; Tue, 24 Aug 2021 11:57:03 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:46710) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1mIYnO-0002Sc-Vr for guix-patches@gnu.org; Tue, 24 Aug 2021 11:57:03 -0400 Received: from out5-smtp.messagingengine.com ([66.111.4.29]:46637) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1mIYnM-0001c9-Rf for guix-patches@gnu.org; Tue, 24 Aug 2021 11:57:02 -0400 Received: from compute4.internal (compute4.nyi.internal [10.202.2.44]) by mailout.nyi.internal (Postfix) with ESMTP id 7C7755C011D; Tue, 24 Aug 2021 11:56:58 -0400 (EDT) Received: from mailfrontend2 ([10.202.2.163]) by compute4.internal (MEProxy); Tue, 24 Aug 2021 11:56:58 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=famulari.name; h=from:to:subject:date:message-id:mime-version :content-transfer-encoding; s=mesmtp; bh=+MgDSiQBQxRnok/IGbZhe7g mdZaToiOF/r+wowZTwC0=; b=uCpYF9mAQIE4YB7nqZQzHIfwhPntRjBFYRaUNyt MQosnmiosLS+/oAuWzQgFOctbJC0OIIvTzpuyIpo9oOnlkQZ6mV3KO+sbRAMo9gP JC9k423gZwA+yHjw1dvhgdXm4hbY94TTJLY3ARgm5Mr6JaCPuN2bAM3mxNpfrKEJ +ekQ= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=content-transfer-encoding:date:from :message-id:mime-version:subject:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm3; bh=+MgDSiQBQxRnok/IG bZhe7gmdZaToiOF/r+wowZTwC0=; b=mGeVAOU4yxpG+3gEDLzlkjntrnbIsORkn C8NNyQEIPlgdkE+0h0X54p/7nUcTKrN3Syx64DxC6krqq7z16UBOHA9u/j1nNfD5 WuI8Wz4afR2lKoZ6HqfnT8vCtqstQXz2uHay5keCeiElCt3PYNrjL3p+wRLhiOsv rOl88ABwIHMMrHi7LXe50tu9//sxoANGaN3lhjVQi3FPps7/WVijFeed1/akUE9D yjFteHCGqaL7siA03rzn8UNvd7S+d7fPgGL8JdEnNEhGW87UtwWEhA/xotfewHIA WO84FSgcdistQkh4BYymA36ugfb+YxAjOXLZpYLnzYDTYQTqziL5A== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvtddruddtjedgleehucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucenucfjughrpefhvffufffkofgggfestdekredtre dttdenucfhrhhomhepnfgvohcuhfgrmhhulhgrrhhiuceolhgvohesfhgrmhhulhgrrhhi rdhnrghmvgeqnecuggftrfgrthhtvghrnhepffeuheejvdejhfetjeeiieduueehteehtd evkeetfefgffehfeehfedvheegfeehnecuffhomhgrihhnpehophgvnhhsshhlrdhorhhg necuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilhhfrhhomheplhgvoh esfhgrmhhulhgrrhhirdhnrghmvg X-ME-Proxy: Received: by mail.messagingengine.com (Postfix) with ESMTPA for ; Tue, 24 Aug 2021 11:56:58 -0400 (EDT) From: Leo Famulari Date: Tue, 24 Aug 2021 11:56:44 -0400 Message-Id: <7632fa06633b1d0c9cdda55b2e69d556f149ea6d.1629820600.git.leo@famulari.name> X-Mailer: git-send-email 2.32.0 MIME-Version: 1.0 Received-SPF: pass client-ip=66.111.4.29; envelope-from=leo@famulari.name; helo=out5-smtp.messagingengine.com X-Spam_score_int: -27 X-Spam_score: -2.8 X-Spam_bar: -- X-Spam_report: (-2.8 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org Sender: "Guix-patches" X-getmail-retrieved-from-mailbox: Patches https://www.openssl.org/news/secadv/20210824.txt * gnu/packages/tls.scm (openssl)[replacement]: Use openssl-1.1.1l. (openssl-1.1.1k): Replace with ... (openssl-1.1.1l): ... new variable. --- gnu/packages/tls.scm | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm index fb7d364c94..154b3dc207 100644 --- a/gnu/packages/tls.scm +++ b/gnu/packages/tls.scm @@ -356,7 +356,7 @@ required structures.") (package (name "openssl") (version "1.1.1j") - (replacement openssl-1.1.1k) + (replacement openssl-1.1.1l) (source (origin (method url-fetch) (uri (list (string-append "https://www.openssl.org/source/openssl-" @@ -490,11 +490,10 @@ required structures.") (license license:openssl) (home-page "https://www.openssl.org/"))) -;; Replacement package to fix CVE-2021-3449 and CVE-2021-3450. -(define openssl-1.1.1k +(define openssl-1.1.1l (package (inherit openssl) - (version "1.1.1k") + (version "1.1.1l") (source (origin (method url-fetch) (uri (list (string-append "https://www.openssl.org/source/openssl-" @@ -507,7 +506,7 @@ required structures.") (patches (search-patches "openssl-1.1-c-rehash-in.patch")) (sha256 (base32 - "1rdfzcrxy9y38wqdw5942vmdax9hjhgrprzxm42csal7p5shhal9")))))) + "1lbblxps2fhmz7bqh058iywh5wxfignbfx1s1kz2fj63b5g3wyhb")))))) ;; We will not add any new uses of this package. If you add new code that uses ;; this package, your change will be reverted!