GNU bug report logs - #54402
[SECURITY]: OpenSSL CVE-2022-0778

Previous Next

Package: guix-patches;

Reported by: Leo Famulari <leo <at> famulari.name>

Date: Tue, 15 Mar 2022 17:40:02 UTC

Severity: normal

Done: Leo Famulari <leo <at> famulari.name>

Bug is archived. No further changes may be made.

Full log

Message #8 received at 54402 <at> debbugs.gnu.org (full text, mbox):

From: Leo Famulari <leo <at> famulari.name>
To: 54402 <at> debbugs.gnu.org
Subject: [PATCH 1/2] gnu: OpenSSL: Fix CVE-2022-0778.
Date: Tue, 15 Mar 2022 13:44:18 -0400

For more information about this vulnerability:

https://www.openssl.org/news/secadv/20220315.txt

* gnu/packages/tls.scm (openssl/fixed): Update to 1.1.1n.
---
 gnu/packages/tls.scm | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm
index 11c01a8d2a..9ed0f3dea4 100644
--- a/gnu/packages/tls.scm
+++ b/gnu/packages/tls.scm
@@ -513,7 +513,7 @@ (define openssl/fixed
   (package
     (inherit openssl)
     (name "openssl")
-    (version "1.1.1m")
+    (version "1.1.1n")
     (source (origin
               (method url-fetch)
               (uri (list (string-append "https://www.openssl.org/source/openssl-"
@@ -526,7 +526,7 @@ (define openssl/fixed
               (patches (search-patches "openssl-1.1-c-rehash-in.patch"))
               (sha256
                (base32
-                "15kcvdi69jka67sk1l3a50c26cb7xv9xiwdrgky4bji3ifz9k4gq"))))))
+                "0ymif8rlc5cf5qp5bh2pxlrgq6xryh7g4sqfvrdjg9gnli8ypp20"))))))
 
 (define-public openssl-3.0
   (package
-- 
2.34.0

This bug report was last modified 3 years and 68 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #54402 [SECURITY]: OpenSSL CVE-2022-0778

GNU bug report logs - #54402
[SECURITY]: OpenSSL CVE-2022-0778