GNU bug report logs - #64997
[PATCH 0/1] OpenSSL 3.0: Fix 6 CVEs (max score: 7.5 high, 8680 dependent packages)

Previous Next

Full log

Message #8 received at 64997 <at> debbugs.gnu.org (full text, mbox):

From: Denis 'GNUtoo' Carikli <GNUtoo <at> cyberdimension.org>
To: 64997 <at> debbugs.gnu.org
Cc: Denis 'GNUtoo' Carikli <GNUtoo <at> cyberdimension.org>
Subject: [PATCH 1/1] gnu: openssl: Update to 3.0.10 [security fixes].
Date: Tue,  1 Aug 2023 18:36:50 +0200

Includes fixes for CVE-2023-0464, CVE-2023-0465, CVE-2023-0466, CVE-2023-1255,
CVE-2023-2650, CVE-2023-2975.

* gnu/packages/tls.scm (openssl): Update to 3.0.10.

Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo <at> cyberdimension.org>
---
 gnu/packages/tls.scm | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm
index f51c47db04..62d9ce75ac 100644
--- a/gnu/packages/tls.scm
+++ b/gnu/packages/tls.scm
@@ -570,7 +570,7 @@ (define openssl/fixed
 (define-public openssl-3.0
   (package
     (inherit openssl-1.1)
-    (version "3.0.8")
+    (version "3.0.10")
     (source (origin
               (method url-fetch)
               (uri (list (string-append "https://www.openssl.org/source/openssl-"
@@ -583,7 +583,7 @@ (define-public openssl-3.0
               (patches (search-patches "openssl-3.0-c-rehash-in.patch"))
               (sha256
                (base32
-                "0gjb7qjl2jnzs1liz3rrccrddxbk6q3lg8z27jn1xwzx72zx44vc"))))
+                "08rkx3f2qg8rsxhzwshg6z4ys37bgzhvim7knswjh41sn7sx8q8p"))))
     (arguments
      (substitute-keyword-arguments (package-arguments openssl-1.1)
        ((#:phases phases '%standard-phases)
-- 
2.41.0

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.