From patchwork Tue Jul 5 16:56:08 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Leo Famulari X-Patchwork-Id: 40521 Return-Path: X-Original-To: patchwork@mira.cbaines.net Delivered-To: patchwork@mira.cbaines.net Received: by mira.cbaines.net (Postfix, from userid 113) id E391127BBEA; Tue, 5 Jul 2022 18:00:10 +0100 (BST) X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on mira.cbaines.net X-Spam-Level: X-Spam-Status: No, score=-2.7 required=5.0 tests=BAYES_00,DKIM_INVALID, DKIM_SIGNED,MAILING_LIST_MULTI,SPF_HELO_PASS,URIBL_BLOCKED autolearn=unavailable autolearn_force=no version=3.4.6 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mira.cbaines.net (Postfix) with ESMTPS id 76B5A27BBE9 for ; Tue, 5 Jul 2022 18:00:10 +0100 (BST) Received: from localhost ([::1]:38526 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1o8luD-00078i-IW for patchwork@mira.cbaines.net; Tue, 05 Jul 2022 13:00:09 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:43970) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1o8lrD-0001SK-9n for guix-patches@gnu.org; Tue, 05 Jul 2022 12:57:04 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:57609) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1o8lrC-0004Kq-Ku for guix-patches@gnu.org; Tue, 05 Jul 2022 12:57:03 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1o8lrC-0004TK-K9 for guix-patches@gnu.org; Tue, 05 Jul 2022 12:57:02 -0400 X-Loop: help-debbugs@gnu.org Subject: [bug#56403] [PATCH 1/2] gnu: OpenSSL: Update to 1.1.1q [fixes CVE-2022-2097]. References: In-Reply-To: Resent-From: Leo Famulari Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Tue, 05 Jul 2022 16:57:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 56403 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: To: 56403@debbugs.gnu.org Received: via spool by 56403-submit@debbugs.gnu.org id=B56403.165704018617141 (code B ref 56403); Tue, 05 Jul 2022 16:57:02 +0000 Received: (at 56403) by debbugs.gnu.org; 5 Jul 2022 16:56:26 +0000 Received: from localhost ([127.0.0.1]:51505 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1o8lqb-0004SK-Pt for submit@debbugs.gnu.org; Tue, 05 Jul 2022 12:56:26 -0400 Received: from wout2-smtp.messagingengine.com ([64.147.123.25]:45985) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1o8lqW-0004Rt-JJ for 56403@debbugs.gnu.org; Tue, 05 Jul 2022 12:56:21 -0400 Received: from compute5.internal (compute5.nyi.internal [10.202.2.45]) by mailout.west.internal (Postfix) with ESMTP id B7F6532008FE; Tue, 5 Jul 2022 12:56:13 -0400 (EDT) Received: from mailfrontend2 ([10.202.2.163]) by compute5.internal (MEProxy); Tue, 05 Jul 2022 12:56:13 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=famulari.name; h=cc:content-transfer-encoding:date:date:from:from:in-reply-to :message-id:mime-version:reply-to:sender:subject:subject:to:to; s=mesmtp; t=1657040173; x=1657126573; bh=+RDUthd5fRf9/F/zoRP8AK eFIbboCaV0J6a24jkQd14=; b=Z0ddkSou9q3mJO34jxed1I2LbgQKAKTredm5db e06fTz+R8Xe61PxuAocmWtOD+uPoEo6Mfemwy69NCANRrmdGNwj0aWRg3jbRkG5b GlO5eG9mxw/CLsRllNQB/7XkPeD9aHggp+YqHiIamhkGN66NzdtnBNx9oDausIbm jPfGg= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:date:date :feedback-id:feedback-id:from:from:in-reply-to:message-id :mime-version:reply-to:sender:subject:subject:to:to:x-me-proxy :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm2; t= 1657040173; x=1657126573; bh=+RDUthd5fRf9/F/zoRP8AKeFIbboCaV0J6a 24jkQd14=; b=iAFIAlWf4+UNCIaH9jk/vG2RZ+RZXfh50EremiX0L5KjODKqFvR DwFUGwvOlEndKH2wzCwg1AV+7rvr9EauR6Xkl5arpPDt+OEObMEvUj4D7MAuXFy3 QrprxM4+n/wcjH3/C7FJj3PsvidpFi+kyxYGUFJyMvyzMVAk4tzHHtCIyDnej70S W9IdkJvAcJfTTBQydxK1Y+Iugmkl/F7IVNimEdKPYFPAyNWnUBCoCu6Qu4Z+K2q+ fxv8GkQ1XPEe0vbPbRXZ+Tx6MZhwvmT/fT9zOJlexo44+mGQ71RXXAWPauqaWoXc a1WFGQJ3m6cpBzRPFICDprskreWaIyXvZKw== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvfedrudeiuddgudduudcutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh necuuegrihhlohhuthemuceftddtnecunecujfgurhephffvufffkffoggfgsedtkeertd ertddtnecuhfhrohhmpefnvghoucfhrghmuhhlrghrihcuoehlvghosehfrghmuhhlrghr ihdrnhgrmhgvqeenucggtffrrghtthgvrhhnpeehjefgtefgleethfehffdvhfffleeigf fhuedvffelgeeiuedvfeehleefudefjeenucffohhmrghinheptghvvgdrohhrghdpohhp vghnshhslhdrohhrghenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmhgrih hlfhhrohhmpehlvghosehfrghmuhhlrghrihdrnhgrmhgv X-ME-Proxy: Feedback-ID: i819c4023:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA for <56403@debbugs.gnu.org>; Tue, 5 Jul 2022 12:56:12 -0400 (EDT) From: Leo Famulari Date: Tue, 5 Jul 2022 12:56:08 -0400 Message-Id: <5c4fe7cfd378c9f89f8af5c953685f72994e9a74.1657040169.git.leo@famulari.name> X-Mailer: git-send-email 2.36.1 MIME-Version: 1.0 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org Sender: "Guix-patches" X-getmail-retrieved-from-mailbox: Patches https://www.cve.org/CVERecord?id=CVE-2022-2097 * gnu/packages/tls.scm (openssl/fixed): Update to 1.1.1q. --- gnu/packages/tls.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm index 9e52225d52..f65ae63379 100644 --- a/gnu/packages/tls.scm +++ b/gnu/packages/tls.scm @@ -507,7 +507,7 @@ (define openssl/fixed (package (inherit openssl) (name "openssl") - (version "1.1.1p") + (version "1.1.1q") (source (origin (method url-fetch) (uri (list (string-append "https://www.openssl.org/source/openssl-" @@ -520,7 +520,7 @@ (define openssl/fixed (patches (search-patches "openssl-1.1-c-rehash-in.patch")) (sha256 (base32 - "0vyfibydji26wk1fmm0piz0810mfr7j4vaa2k5iwgiv6m8mbcqdz")))))) + "1jhhzp4gh6ymidxm1ckjk948l583awp0w3y2nvqdz7022kk9r4yp")))))) (define-public openssl-3.0 (package From patchwork Tue Jul 5 16:56:09 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Leo Famulari X-Patchwork-Id: 40522 Return-Path: X-Original-To: patchwork@mira.cbaines.net Delivered-To: patchwork@mira.cbaines.net Received: by mira.cbaines.net (Postfix, from userid 113) id B01E727BBEA; Tue, 5 Jul 2022 18:01:05 +0100 (BST) X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on mira.cbaines.net X-Spam-Level: X-Spam-Status: No, score=-2.7 required=5.0 tests=BAYES_00,DKIM_INVALID, DKIM_SIGNED,MAILING_LIST_MULTI,SPF_HELO_PASS,URIBL_BLOCKED autolearn=unavailable autolearn_force=no version=3.4.6 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mira.cbaines.net (Postfix) with ESMTPS id 68A8E27BBE9 for ; Tue, 5 Jul 2022 18:01:05 +0100 (BST) Received: from localhost ([::1]:39446 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1o8lv6-0007oC-H5 for patchwork@mira.cbaines.net; Tue, 05 Jul 2022 13:01:04 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:43972) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1o8lrD-0001SL-A8 for guix-patches@gnu.org; Tue, 05 Jul 2022 12:57:04 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:57608) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1o8lrC-0004Kp-Fm for guix-patches@gnu.org; Tue, 05 Jul 2022 12:57:03 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1o8lrC-0004TC-7J for guix-patches@gnu.org; Tue, 05 Jul 2022 12:57:02 -0400 X-Loop: help-debbugs@gnu.org Subject: [bug#56403] [PATCH 2/2] gnu: OpenSSL 3.0.0: Update to 3.0.5 [fixes CVE-2022-2097 and CVE-2022-2274]. Resent-From: Leo Famulari Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Tue, 05 Jul 2022 16:57:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 56403 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: To: 56403@debbugs.gnu.org Received: via spool by 56403-submit@debbugs.gnu.org id=B56403.165704018517135 (code B ref 56403); Tue, 05 Jul 2022 16:57:02 +0000 Received: (at 56403) by debbugs.gnu.org; 5 Jul 2022 16:56:25 +0000 Received: from localhost ([127.0.0.1]:51503 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1o8lqY-0004SE-A9 for submit@debbugs.gnu.org; Tue, 05 Jul 2022 12:56:25 -0400 Received: from wout2-smtp.messagingengine.com ([64.147.123.25]:49921) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1o8lqW-0004Rv-QB for 56403@debbugs.gnu.org; Tue, 05 Jul 2022 12:56:21 -0400 Received: from compute4.internal (compute4.nyi.internal [10.202.2.44]) by mailout.west.internal (Postfix) with ESMTP id 152BD320093E; Tue, 5 Jul 2022 12:56:14 -0400 (EDT) Received: from mailfrontend2 ([10.202.2.163]) by compute4.internal (MEProxy); Tue, 05 Jul 2022 12:56:15 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=famulari.name; h=cc:content-transfer-encoding:date:date:from:from:in-reply-to :in-reply-to:message-id:mime-version:references:reply-to:sender :subject:subject:to:to; s=mesmtp; t=1657040174; x=1657126574; bh=eLSU1eWyPx+1DTeo5RxFw4IWnhcUXkkd5FQOLiZLPms=; b=DfcUj4p8Im58 KwPWWxxT82k7RjaocfsjiyXoIqyXu527JsBKw9tvMnfRTJEiIaMpT4xfoTumahrI Qgh12wu7o4pp70+3gau7dnON8Ew7VyyaXetmjP7VPSXTiaKst0dByPQP1k0GK7qL op99U5G7agcypVTdydwRLXL8Yppt++k= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-transfer-encoding:date:date :feedback-id:feedback-id:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:sender:subject :subject:to:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender :x-sasl-enc; s=fm2; t=1657040174; x=1657126574; bh=eLSU1eWyPx+1D Teo5RxFw4IWnhcUXkkd5FQOLiZLPms=; b=IfB7YGv/Sjt1F48lyr1/WCgBSbpcD AHdfoq+QMuM5vZc7R5GrPX9U7MmbbQsCMZHwxzUVlJbeEDxIcxYdgdr/wzdgl+D4 30WnihuBTI8x+LE7rwQzgee8Aw/2y4iFgaNFkJkiFSAAtrTN7XpGTCkTOBo+1q/s WpTdgtHUI+Cbxi07JVqu7b2gRuS1Bt1UQwYbcXvGt9FBRmXtNZEItyCc9qbVV0Ku dID4OZmWOkD+8xZw5rbf8ATSa9TeXICrBcX+hKygbAYnwtntUXtaXR9U2JiGiWsj Uu+WsxEc6CDL0cZoJR9SWQ+EwNHmAPdauzVCQMa+Re5jL0OzwWDAUdqvg== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvfedrudeiuddgudduudcutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh necuuegrihhlohhuthemuceftddtnecunecujfgurhephffvufffkffojghfggfgsedtke ertdertddtnecuhfhrohhmpefnvghoucfhrghmuhhlrghrihcuoehlvghosehfrghmuhhl rghrihdrnhgrmhgvqeenucggtffrrghtthgvrhhnpedvtdfguedugeejveevkedvieetud evgfefgfefleevgefhtdekgeevvdffudejveenucffohhmrghinheptghvvgdrohhrghdp ohhpvghnshhslhdrohhrghenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmh grihhlfhhrohhmpehlvghosehfrghmuhhlrghrihdrnhgrmhgv X-ME-Proxy: Feedback-ID: i819c4023:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA for <56403@debbugs.gnu.org>; Tue, 5 Jul 2022 12:56:14 -0400 (EDT) From: Leo Famulari Date: Tue, 5 Jul 2022 12:56:09 -0400 Message-Id: X-Mailer: git-send-email 2.36.1 In-Reply-To: <5c4fe7cfd378c9f89f8af5c953685f72994e9a74.1657040169.git.leo@famulari.name> References: <5c4fe7cfd378c9f89f8af5c953685f72994e9a74.1657040169.git.leo@famulari.name> MIME-Version: 1.0 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org Sender: "Guix-patches" X-getmail-retrieved-from-mailbox: Patches https://www.cve.org/CVERecord?id=CVE-2022-2097 https://www.cve.org/CVERecord?id=CVE-2022-2274 * gnu/packages/tls.scm (openssl-3.0): Update to 3.0.5. --- gnu/packages/tls.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm index f65ae63379..1ee5400a9c 100644 --- a/gnu/packages/tls.scm +++ b/gnu/packages/tls.scm @@ -525,7 +525,7 @@ (define openssl/fixed (define-public openssl-3.0 (package (inherit openssl) - (version "3.0.4") + (version "3.0.5") (source (origin (method url-fetch) (uri (list (string-append "https://www.openssl.org/source/openssl-" @@ -538,7 +538,7 @@ (define-public openssl-3.0 (patches (search-patches "openssl-3.0-c-rehash-in.patch")) (sha256 (base32 - "03y0q2pzpkpgfgf74x4pf8gyar9d7pb0l0p7g2s0m2k6k8z88c98")))) + "0yja085lygkdxbf4k4rckkj9r24p8dgix8avqljnbbbixydqszda")))) (arguments (substitute-keyword-arguments (package-arguments openssl) ((#:phases phases '%standard-phases)