GNU bug report logs - #40749
[PATCH] gnu: OpenSSL: Update to 1.1.1g [fixes CVE-2020-1967].

Previous Next

Package: guix-patches;

Reported by: Leo Famulari <leo <at> famulari.name>

Date: Tue, 21 Apr 2020 17:53:01 UTC

Severity: normal

Tags: patch

Done: Leo Famulari <leo <at> famulari.name>

Bug is archived. No further changes may be made.

To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 40749 in the body.
You can then email your comments to 40749 AT debbugs.gnu.org in the normal way.

Toggle the display of automated, internal messages from the tracker.

View this report as an mbox folder, status mbox, maintainer mbox

Report forwarded to guix-patches <at> gnu.org:
bug#40749; Package guix-patches. (Tue, 21 Apr 2020 17:53:01 GMT) Full text and rfc822 format available.
Acknowledgement sent to Leo Famulari <leo <at> famulari.name>:
New bug report received and forwarded. Copy sent to guix-patches <at> gnu.org. (Tue, 21 Apr 2020 17:53:01 GMT) Full text and rfc822 format available.

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: Leo Famulari <leo <at> famulari.name>
To: guix-patches <at> gnu.org
Subject: [PATCH] gnu: OpenSSL: Update to 1.1.1g [fixes CVE-2020-1967].
Date: Tue, 21 Apr 2020 13:52:26 -0400

* gnu/packages/tls.scm (openssl)[replacement]: Replace with openssl-1.1.1g.
(openssl-1.1.1e): Replace variable with ...
(openssl-1.1.1g): ... this.
---
 gnu/packages/tls.scm | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm
index 3eb32fc27a..4f85f212bd 100644
--- a/gnu/packages/tls.scm
+++ b/gnu/packages/tls.scm
@@ -318,7 +318,7 @@ required structures.")
   (package
    (name "openssl")
    (version "1.1.1c")
-   (replacement openssl-1.1.1e)
+   (replacement openssl-1.1.1g)
    (source (origin
              (method url-fetch)
              (uri (list (string-append "https://www.openssl.org/source/openssl-"
@@ -420,10 +420,10 @@ required structures.")
    (license license:openssl)
    (home-page "https://www.openssl.org/")))
 
-(define openssl-1.1.1e
+(define openssl-1.1.1g
   (package
    (inherit openssl)
-   (version "1.1.1e")
+   (version "1.1.1g")
    (source (origin
              (method url-fetch)
              (uri (list (string-append "https://www.openssl.org/source/openssl-"
@@ -436,7 +436,7 @@ required structures.")
              (patches (search-patches "openssl-1.1-c-rehash-in.patch"))
              (sha256
               (base32
-               "1gnwlri1dphr5wdzmg9vlhkh6aq2yqgpfkpmffzwjlfb26n62kv9"))))))
+               "0ikdcc038i7jk8h7asq5xcn8b1xc2rrbc88yfm4hqbz3y5s4gc6x"))))))
 
 (define-public openssl-1.0
   (package
-- 
2.26.2
Reply sent to Leo Famulari <leo <at> famulari.name>:
You have taken responsibility. (Tue, 21 Apr 2020 20:06:02 GMT) Full text and rfc822 format available.
Notification sent to Leo Famulari <leo <at> famulari.name>:
bug acknowledged by developer. (Tue, 21 Apr 2020 20:06:02 GMT) Full text and rfc822 format available.

Message #10 received at 40749-done <at> debbugs.gnu.org (full text, mbox):

From: Leo Famulari <leo <at> famulari.name>
To: 40749-done <at> debbugs.gnu.org
Subject: Re: [PATCH] gnu: OpenSSL: Update to 1.1.1g [fixes CVE-2020-1967].
Date: Tue, 21 Apr 2020 16:05:35 -0400

On Tue, Apr 21, 2020 at 01:52:26PM -0400, Leo Famulari wrote:
> * gnu/packages/tls.scm (openssl)[replacement]: Replace with openssl-1.1.1g.
> (openssl-1.1.1e): Replace variable with ...
> (openssl-1.1.1g): ... this.

Pushed as 0b9a117765ff871cf2e82acb2620d860fb93c016
bug archived. Request was from Debbugs Internal Request <help-debbugs <at> gnu.org> to internal_control <at> debbugs.gnu.org. (Wed, 20 May 2020 11:24:04 GMT) Full text and rfc822 format available.
This bug report was last modified 5 years and 32 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.