GNU bug report logs -
#30966
[PATCH] gnu: openssl: Replace with OpenSSL 1.0.2o [fixes CVE-2018-0739].
Previous Next
Reported by: Leo Famulari <leo <at> famulari.name>
Date: Tue, 27 Mar 2018 22:45:01 UTC
Severity: normal
Tags: patch
Done: Leo Famulari <leo <at> famulari.name>
Bug is archived. No further changes may be made.
Full log
View this message in rfc822 format
[Message part 1 (text/plain, inline)]
Your bug report
#30966: [PATCH] gnu: openssl: Replace with OpenSSL 1.0.2o [fixes CVE-2018-0739].
which was filed against the guix-patches package, has been closed.
The explanation is attached below, along with your original report.
If you require more details, please reply to 30966 <at> debbugs.gnu.org.
--
30966: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=30966
GNU Bug Tracking System
Contact help-debbugs <at> gnu.org with problems
[Message part 2 (message/rfc822, inline)]
[Message part 3 (text/plain, inline)]
On Wed, Mar 28, 2018 at 05:05:37PM +0200, Ludovic Courtès wrote:
> Hi Leo,
>
> Leo Famulari <leo <at> famulari.name> skribis:
>
> > * gnu/packages/tls.scm (openssl)[replacement]: New field.
> > (openssl-1.0.2o): New variable.
>
> [...]
>
> > + (uri (list (string-append "https://www.openssl.org/source/openssl-"
> > + version ".tar.gz")
> > + (string-append "ftp://ftp.openssl.org/source/"
> > + name "-" version ".tar.gz")
> > + (string-append "ftp://ftp.openssl.org/source/old/"
> > + (string-trim-right version char-set:letter)
> > + "/" name "-" version ".tar.gz")))
>
> Eventually we should factorize this in an ‘openssl-source-url’ procedure.
Yup :)
> > + (sha256
> > + (base32
> > + "0kcy13l701054nhpbd901mz32v1kn4g311z0nifd83xs2jbmqgzc"))
> > + ;; Erase the inherited snippet, which isn't applicable to
> > + ;; OpenSSL 1.0.2o.
> > + (snippet
> > + '(begin
> > + #t))))))
>
> Use (snippet #f) to really annihilate the snippet, otherwise you create
> a snippet that does nothing, yet entails and unpack-and-repack step.
Oh, right :p
Thanks! Pushed as 590bdc149b28e03cfd1668e8026919e89e61f00f
[signature.asc (application/pgp-signature, inline)]
[Message part 5 (message/rfc822, inline)]
* gnu/packages/tls.scm (openssl)[replacement]: New field.
(openssl-1.0.2o): New variable.
---
gnu/packages/tls.scm | 24 ++++++++++++++++++++++++
1 file changed, 24 insertions(+)
diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm
index 74843c0a9..3f317aa00 100644
--- a/gnu/packages/tls.scm
+++ b/gnu/packages/tls.scm
@@ -255,6 +255,7 @@ required structures.")
(define-public openssl
(package
(name "openssl")
+ (replacement openssl-1.0.2o)
(version "1.0.2n")
(source (origin
(method url-fetch)
@@ -399,6 +400,29 @@ required structures.")
(license license:openssl)
(home-page "https://www.openssl.org/")))
+(define-public openssl-1.0.2o
+ (package
+ (inherit openssl)
+ (name "openssl")
+ (version "1.0.2o")
+ (source (origin
+ (inherit (package-source openssl))
+ (uri (list (string-append "https://www.openssl.org/source/openssl-"
+ version ".tar.gz")
+ (string-append "ftp://ftp.openssl.org/source/"
+ name "-" version ".tar.gz")
+ (string-append "ftp://ftp.openssl.org/source/old/"
+ (string-trim-right version char-set:letter)
+ "/" name "-" version ".tar.gz")))
+ (sha256
+ (base32
+ "0kcy13l701054nhpbd901mz32v1kn4g311z0nifd83xs2jbmqgzc"))
+ ;; Erase the inherited snippet, which isn't applicable to
+ ;; OpenSSL 1.0.2o.
+ (snippet
+ '(begin
+ #t))))))
+
(define-public openssl-next
(package
(inherit openssl)
--
2.16.3
This bug report was last modified 7 years and 60 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.