From patchwork Mon Sep 25 19:50:50 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Christopher Baines X-Patchwork-Id: 54282 Return-Path: X-Original-To: patchwork@mira.cbaines.net Delivered-To: patchwork@mira.cbaines.net Received: by mira.cbaines.net (Postfix, from userid 113) id 297BF27BBE9; Mon, 25 Sep 2023 20:52:00 +0100 (BST) X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on mira.cbaines.net X-Spam-Level: X-Spam-Status: No, score=-2.9 required=5.0 tests=BAYES_00,MAILING_LIST_MULTI, SPF_HELO_PASS,URIBL_BLOCKED autolearn=unavailable autolearn_force=no version=3.4.6 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mira.cbaines.net (Postfix) with ESMTPS id C207927BBE2 for ; Mon, 25 Sep 2023 20:51:58 +0100 (BST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1qkrcW-00042u-Vv; Mon, 25 Sep 2023 15:51:53 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1qkrcU-00042Z-IJ for guix-patches@gnu.org; Mon, 25 Sep 2023 15:51:50 -0400 Received: from debbugs.gnu.org ([2001:470:142:5::43]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1qkrcU-0006kp-9g for guix-patches@gnu.org; Mon, 25 Sep 2023 15:51:50 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1qkrcg-0003hr-F5 for guix-patches@gnu.org; Mon, 25 Sep 2023 15:52:02 -0400 X-Loop: help-debbugs@gnu.org Subject: [bug#66197] [PATCH] gnu: openssl-1.1: replace with 1.1.1w. Resent-From: Christopher Baines Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Mon, 25 Sep 2023 19:52:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 66197 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 66197@debbugs.gnu.org X-Debbugs-Original-To: guix-patches@gnu.org Received: via spool by submit@debbugs.gnu.org id=B.169567148014167 (code B ref -1); Mon, 25 Sep 2023 19:52:02 +0000 Received: (at submit) by debbugs.gnu.org; 25 Sep 2023 19:51:20 +0000 Received: from localhost ([127.0.0.1]:46703 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1qkrc0-0003gQ-FM for submit@debbugs.gnu.org; Mon, 25 Sep 2023 15:51:20 -0400 Received: from lists.gnu.org ([2001:470:142::17]:48424) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1qkrbv-0003gA-UB for submit@debbugs.gnu.org; Mon, 25 Sep 2023 15:51:19 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1qkrbd-0003lh-HL for guix-patches@gnu.org; Mon, 25 Sep 2023 15:50:57 -0400 Received: from mira.cbaines.net ([2a01:7e00:e000:2f8:fd4d:b5c7:13fb:3d27]) by eggs.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1qkrba-0006Pr-E0 for guix-patches@gnu.org; Mon, 25 Sep 2023 15:50:56 -0400 Received: from localhost (unknown [79.173.170.234]) by mira.cbaines.net (Postfix) with ESMTPSA id 6AF0327BBE2 for ; Mon, 25 Sep 2023 20:50:51 +0100 (BST) Received: from localhost (localhost [local]) by localhost (OpenSMTPD) with ESMTPA id fe138359 for ; Mon, 25 Sep 2023 19:50:50 +0000 (UTC) From: Christopher Baines Date: Mon, 25 Sep 2023 20:50:50 +0100 Message-ID: <75e1d6fde5411ddca822caf5a8683b4fe6d41bde.1695671450.git.mail@cbaines.net> X-Mailer: git-send-email 2.41.0 MIME-Version: 1.0 Received-SPF: pass client-ip=2a01:7e00:e000:2f8:fd4d:b5c7:13fb:3d27; envelope-from=mail@cbaines.net; helo=mira.cbaines.net X-Spam_score_int: -18 X-Spam_score: -1.9 X-Spam_bar: - X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001, UNPARSEABLE_RELAY=0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org Sender: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org X-getmail-retrieved-from-mailbox: Patches From: Sevan Janiyan Address various CVEs. * gnu/packages/tls.scm (openssl/fixed): Update to 1.1.1w. (openssl-1.1)[replacement]: Use openssl/fixed --- gnu/packages/tls.scm | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) base-commit: fafd3caef0d51811a5da81d6061789e2908b0dac diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm index b669ac2e8d..6a26abd6c5 100644 --- a/gnu/packages/tls.scm +++ b/gnu/packages/tls.scm @@ -426,6 +426,7 @@ (define-public openssl-1.1 (package (name "openssl") (version "1.1.1q") + (replacement openssl/fixed) (source (origin (method url-fetch) (uri (list (string-append "https://www.openssl.org/source/openssl-" @@ -552,7 +553,7 @@ (define openssl/fixed (package (inherit openssl-1.1) (name "openssl") - (version "1.1.1t") + (version "1.1.1w") (source (origin (method url-fetch) (uri (list (string-append "https://www.openssl.org/source/openssl-" @@ -565,7 +566,7 @@ (define openssl/fixed (patches (search-patches "openssl-1.1-c-rehash-in.patch")) (sha256 (base32 - "0fwxhlv7ary9nzg5mx07x1jj3wkbizxh56qy7l6bzp5iplj9pvld")))))) + "1j3anw4554lk3m9cvjngvh1c2gbdkhgiz160jnnm7n5l1jarhc6g")))))) (define-public openssl-3.0 (package