GNU bug report logs -
#30966
[PATCH] gnu: openssl: Replace with OpenSSL 1.0.2o [fixes CVE-2018-0739].
Previous Next
Reported by: Leo Famulari <leo <at> famulari.name>
Date: Tue, 27 Mar 2018 22:45:01 UTC
Severity: normal
Tags: patch
Done: Leo Famulari <leo <at> famulari.name>
Bug is archived. No further changes may be made.
Full log
Message #13 received at 30966-done <at> debbugs.gnu.org (full text, mbox):
[Message part 1 (text/plain, inline)]
On Wed, Mar 28, 2018 at 05:05:37PM +0200, Ludovic Courtès wrote:
> Hi Leo,
>
> Leo Famulari <leo <at> famulari.name> skribis:
>
> > * gnu/packages/tls.scm (openssl)[replacement]: New field.
> > (openssl-1.0.2o): New variable.
>
> [...]
>
> > + (uri (list (string-append "https://www.openssl.org/source/openssl-"
> > + version ".tar.gz")
> > + (string-append "ftp://ftp.openssl.org/source/"
> > + name "-" version ".tar.gz")
> > + (string-append "ftp://ftp.openssl.org/source/old/"
> > + (string-trim-right version char-set:letter)
> > + "/" name "-" version ".tar.gz")))
>
> Eventually we should factorize this in an ‘openssl-source-url’ procedure.
Yup :)
> > + (sha256
> > + (base32
> > + "0kcy13l701054nhpbd901mz32v1kn4g311z0nifd83xs2jbmqgzc"))
> > + ;; Erase the inherited snippet, which isn't applicable to
> > + ;; OpenSSL 1.0.2o.
> > + (snippet
> > + '(begin
> > + #t))))))
>
> Use (snippet #f) to really annihilate the snippet, otherwise you create
> a snippet that does nothing, yet entails and unpack-and-repack step.
Oh, right :p
Thanks! Pushed as 590bdc149b28e03cfd1668e8026919e89e61f00f
[signature.asc (application/pgp-signature, inline)]
This bug report was last modified 7 years and 60 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.