[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#30966: [PATCH] gnu: openssl: Replace with OpenSSL 1.0.2o [fixes CVE-
|
From: |
Leo Famulari |
|
Subject: |
bug#30966: [PATCH] gnu: openssl: Replace with OpenSSL 1.0.2o [fixes CVE-2018-0739]. |
|
Date: |
Wed, 28 Mar 2018 14:11:54 -0400 |
|
User-agent: |
Mutt/1.9.3 (2018-01-21) |
On Wed, Mar 28, 2018 at 05:05:37PM +0200, Ludovic Courtès wrote:
> Hi Leo,
>
> Leo Famulari <address@hidden> skribis:
>
> > * gnu/packages/tls.scm (openssl)[replacement]: New field.
> > (openssl-1.0.2o): New variable.
>
> [...]
>
> > + (uri (list (string-append
> > "https://www.openssl.org/source/openssl-";
> > + version ".tar.gz")
> > + (string-append "ftp://ftp.openssl.org/source/";
> > + name "-" version ".tar.gz")
> > + (string-append "ftp://ftp.openssl.org/source/old/";
> > + (string-trim-right version
> > char-set:letter)
> > + "/" name "-" version ".tar.gz")))
>
> Eventually we should factorize this in an ‘openssl-source-url’ procedure.
Yup :)
> > + (sha256
> > + (base32
> > + "0kcy13l701054nhpbd901mz32v1kn4g311z0nifd83xs2jbmqgzc"))
> > + ;; Erase the inherited snippet, which isn't applicable to
> > + ;; OpenSSL 1.0.2o.
> > + (snippet
> > + '(begin
> > + #t))))))
>
> Use (snippet #f) to really annihilate the snippet, otherwise you create
> a snippet that does nothing, yet entails and unpack-and-repack step.
Oh, right :p
Thanks! Pushed as 590bdc149b28e03cfd1668e8026919e89e61f00f
signature.asc
Description: PGP signature