From debbugs-submit-bounces@debbugs.gnu.org Mon Sep 25 16:17:36 2023 Received: (at submit) by debbugs.gnu.org; 25 Sep 2023 20:17:36 +0000 Received: from localhost ([127.0.0.1]:46719 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1qks1Q-0004Md-Gi for submit@debbugs.gnu.org; Mon, 25 Sep 2023 16:17:36 -0400 Received: from lists.gnu.org ([2001:470:142::17]:41770) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1qks1M-0004ME-9Z for submit@debbugs.gnu.org; Mon, 25 Sep 2023 16:17:35 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1qks13-0006Vk-Kw for guix-patches@gnu.org; Mon, 25 Sep 2023 16:17:13 -0400 Received: from mira.cbaines.net ([212.71.252.8]) by eggs.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1qks0t-00032E-Uv for guix-patches@gnu.org; Mon, 25 Sep 2023 16:17:11 -0400 Received: from localhost (unknown [79.173.170.234]) by mira.cbaines.net (Postfix) with ESMTPSA id EB91327BBE2 for ; Mon, 25 Sep 2023 21:17:01 +0100 (BST) Received: from localhost (localhost [local]) by localhost (OpenSMTPD) with ESMTPA id 9501a8f1 for ; Mon, 25 Sep 2023 20:17:00 +0000 (UTC) From: Christopher Baines To: guix-patches@gnu.org Subject: [PATCH] gnu: openssl-3.0: replace with 3.1.3. Date: Mon, 25 Sep 2023 21:17:00 +0100 Message-ID: <319db45acb202e19aaf6b6479a2bcbec1ba78980.1695673020.git.mail@cbaines.net> X-Mailer: git-send-email 2.41.0 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Received-SPF: pass client-ip=212.71.252.8; envelope-from=mail@cbaines.net; helo=mira.cbaines.net X-Spam_score_int: -18 X-Spam_score: -1.9 X-Spam_bar: - X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, SPF_HELO_PASS=-0.001, T_SPF_TEMPERROR=0.01, UNPARSEABLE_RELAY=0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-Spam-Score: 0.9 (/) X-Debbugs-Envelope-To: submit X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -0.1 (/) From: Sevan Janiyan Address various CVEs. * gnu/packages/tls.scm (openssl-3.1.3): New variable. (openssl-3.0)[replacement]: Use it. --- gnu/packages/tls.scm | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm index b669ac2e8d..62af3589a7 100644 --- a/gnu/packages/tls.scm +++ b/gnu/packages/tls.scm @@ -571,6 +571,7 @@ (define-public openssl-3.0 (package (inherit openssl-1.1) (version "3.0.8") + (replacement openssl-3.1.3) (source (origin (method url-fetch) (uri (list (string-append "https://www.openssl.org/source/openssl-" @@ -605,6 +606,24 @@ (define-public openssl-3.0 (define-public openssl openssl-3.0) +(define-public openssl-3.1.3 + (package + (inherit openssl-3.0) + (version "3.1.3") + (source (origin + (method url-fetch) + (uri (list (string-append "https://www.openssl.org/source/openssl-" + version ".tar.gz") + (string-append "ftp://ftp.openssl.org/source/" + "openssl-" version ".tar.gz") + (string-append "ftp://ftp.openssl.org/source/old/" + (string-trim-right version char-set:letter) + "/openssl-" version ".tar.gz"))) + (patches (search-patches "openssl-3.0-c-rehash-in.patch")) + (sha256 + (base32 + "1xmc5s5ihapvj9k4d33qjch3104zd1c58i3n54sz5rw9plp6lcgh")))))) + (define-public bearssl (package (name "bearssl") base-commit: fafd3caef0d51811a5da81d6061789e2908b0dac -- 2.41.0 From debbugs-submit-bounces@debbugs.gnu.org Thu Apr 24 10:52:43 2025 Received: (at 66198) by debbugs.gnu.org; 24 Apr 2025 14:52:43 +0000 Received: from localhost ([127.0.0.1]:40045 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1u7xwQ-0003Me-Uz for submit@debbugs.gnu.org; Thu, 24 Apr 2025 10:52:43 -0400 Received: from mail-ot1-x32e.google.com ([2607:f8b0:4864:20::32e]:55665) by debbugs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.84_2) (envelope-from ) id 1u7xwN-0003MJ-Kz for 66198@debbugs.gnu.org; Thu, 24 Apr 2025 10:52:40 -0400 Received: by mail-ot1-x32e.google.com with SMTP id 46e09a7af769-72c13802133so303321a34.3 for <66198@debbugs.gnu.org>; Thu, 24 Apr 2025 07:52:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=greghogan-com.20230601.gappssmtp.com; s=20230601; t=1745506353; x=1746111153; darn=debbugs.gnu.org; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=RQ5Exfm2l6U82CKC8Gw+3MNFnaLG0A41M4z7OSucJUc=; b=OdOJp+c66hx92M1Dq/2PkEvcWLRPJeMBdFA9iwors1oZf+gsgo4MZyRwbJWzkqIFHU 89yTfeYtb9aznfDEGYrZZKwAQ9274Xnc5A/PK0PtoZMkDWJ4jsWciQhyFrW/cyg7K2az zSa+9BHDOcOS8OiuW8oYzT/TaqmuApPUxa4C2/OMpbWbh2NgLf3c86Oa2ldjk2ONOl11 JZqIPF4ey3ig3Wrm1VvYzEBNkCWlteLdSh/PPpf2kHNcMuFTbfdx9IP9lo2K9T35WWsH 43QCZlzYfQMl1f9hRqmMoqe64xAQ0tqgk0lRM1cKomvIy14jCdy6dlfvQwVfdfUi3F77 WbOw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1745506353; x=1746111153; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=RQ5Exfm2l6U82CKC8Gw+3MNFnaLG0A41M4z7OSucJUc=; b=us3KyMm+yxbV20wY/qrzjrT753ItuukD7YUpFLO586zekqX5Nhk2gcCfbIfq3A4Jr+ 1Fn3pRuqfuKJq7W2iYlaqnKwzzoNrYPLtnTtuCXA5HR5RjToDU86GZpEu6pW0n2GNSHP /5RwgmkKlEnlys2aUmdCyKzuJ1Ak7bsOxuwvNvyFB6nSm2x7yZXhj5OVIvd5gxlS13ho 7U0AgOZLMpEZAQ011e9uJt0z1r6SQh1jvdDnwkaUZTZ2I3XDXOsgAzX7MzN7b0Qi/NFB 7bibkNSjj3aus4Kj7eK8jldLpO6/QvrxwFMqPN6cEByvA1WAndLSHl0xvWidtZkPlFQx z4qg== X-Gm-Message-State: AOJu0YwXQTmwGc/LPORJZD3kpXBSNJ2F1RfZ1pDCPnDjleBDJXHJoc5L ljRMcm/A+mDaEAzJlRwkM0UpaAhzNY8ZugXVBL5hy+vMEYrWGVvk+xsTUMHJ5zyL2Exw6hGLSsM UnBh61CxhF6IXTjHO6VVVzT9nlh0ZGJ1YIrJlU8AFma0h8gPK1Jk= X-Gm-Gg: ASbGncssuv743A6dg1tHnfhRPq4Ksb3RHpdWGaOUHiqjrt6TMUAnDgRtiDsaKM9br+f wutkPS/JmdpFSptBfRcA8jPWVZjBSKr0W1+sZV7dzVzF67ka4nmeNiN0cNnbSczjbfB86zYDWsi HNpRmSc500/ky7yTTO0YifjZsC0uYEOUZS X-Google-Smtp-Source: AGHT+IH6wSODPqwNyD556rXVdmY/X4taHzxTkHC36ENQq61yAoFTeg05esqNk+CrvJM/qu/sBgtf+4HNZ7srHe7GdKk= X-Received: by 2002:a05:6830:4389:b0:72b:8297:e988 with SMTP id 46e09a7af769-7304dbd15cfmr2302335a34.25.1745506353350; Thu, 24 Apr 2025 07:52:33 -0700 (PDT) MIME-Version: 1.0 References: <319db45acb202e19aaf6b6479a2bcbec1ba78980.1695673020.git.mail@cbaines.net> In-Reply-To: <319db45acb202e19aaf6b6479a2bcbec1ba78980.1695673020.git.mail@cbaines.net> From: Greg Hogan Date: Thu, 24 Apr 2025 10:52:22 -0400 X-Gm-Features: ATxdqUEImsHG45fCYcznEIOEiumLOr4B_3UMvbAv7XSqvEn_MBQ84lJqXeab-0E Message-ID: Subject: Re: [bug#66198] [PATCH] gnu: openssl-3.0: replace with 3.1.3. To: Christopher Baines Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 66198 Cc: 66198@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) On Mon, Sep 25, 2023 at 4:18=E2=80=AFPM Christopher Baines wrote: > > From: Sevan Janiyan > > Address various CVEs. > > * gnu/packages/tls.scm (openssl-3.1.3): New variable. > (openssl-3.0)[replacement]: Use it. > --- > gnu/packages/tls.scm | 19 +++++++++++++++++++ > 1 file changed, 19 insertions(+) > > diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm > index b669ac2e8d..62af3589a7 100644 > --- a/gnu/packages/tls.scm > +++ b/gnu/packages/tls.scm > @@ -571,6 +571,7 @@ (define-public openssl-3.0 > (package > (inherit openssl-1.1) > (version "3.0.8") > + (replacement openssl-3.1.3) > (source (origin > (method url-fetch) > (uri (list (string-append "https://www.openssl.org/source/= openssl-" > @@ -605,6 +606,24 @@ (define-public openssl-3.0 > > (define-public openssl openssl-3.0) > > +(define-public openssl-3.1.3 > + (package > + (inherit openssl-3.0) > + (version "3.1.3") > + (source (origin > + (method url-fetch) > + (uri (list (string-append "https://www.openssl.org/source/= openssl-" > + version ".tar.gz") > + (string-append "ftp://ftp.openssl.org/source/" > + "openssl-" version ".tar.gz") > + (string-append "ftp://ftp.openssl.org/source/ol= d/" > + (string-trim-right version char-= set:letter) > + "/openssl-" version ".tar.gz"))) > + (patches (search-patches "openssl-3.0-c-rehash-in.patch")) > + (sha256 > + (base32 > + "1xmc5s5ihapvj9k4d33qjch3104zd1c58i3n54sz5rw9plp6lcgh"))= )))) > + > (define-public bearssl > (package > (name "bearssl") > > base-commit: fafd3caef0d51811a5da81d6061789e2908b0dac > -- > 2.41.0 The core-packages-team branch has been updated to 3.4.0.