GNU bug report logs - #50188
[PATCH] gnu: OpenSSL: Update to 1.1.1l [security fixes].

Previous Next

Package: guix-patches;

Reported by: Leo Famulari <leo <at> famulari.name>

Date: Tue, 24 Aug 2021 15:58:01 UTC

Severity: normal

Tags: patch

Done: Leo Famulari <leo <at> famulari.name>

Bug is archived. No further changes may be made.

To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 50188 in the body.
You can then email your comments to 50188 AT debbugs.gnu.org in the normal way.

Toggle the display of automated, internal messages from the tracker.

View this report as an mbox folder, status mbox, maintainer mbox

Report forwarded to guix-patches <at> gnu.org:
bug#50188; Package guix-patches. (Tue, 24 Aug 2021 15:58:01 GMT) Full text and rfc822 format available.
Acknowledgement sent to Leo Famulari <leo <at> famulari.name>:
New bug report received and forwarded. Copy sent to guix-patches <at> gnu.org. (Tue, 24 Aug 2021 15:58:01 GMT) Full text and rfc822 format available.

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: Leo Famulari <leo <at> famulari.name>
To: guix-patches <at> gnu.org
Subject: [PATCH] gnu: OpenSSL: Update to 1.1.1l [security fixes].
Date: Tue, 24 Aug 2021 11:56:44 -0400

https://www.openssl.org/news/secadv/20210824.txt

* gnu/packages/tls.scm (openssl)[replacement]: Use openssl-1.1.1l.
(openssl-1.1.1k): Replace with ...
(openssl-1.1.1l): ... new variable.
---
 gnu/packages/tls.scm | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm
index fb7d364c94..154b3dc207 100644
--- a/gnu/packages/tls.scm
+++ b/gnu/packages/tls.scm
@@ -356,7 +356,7 @@ required structures.")
   (package
    (name "openssl")
    (version "1.1.1j")
-   (replacement openssl-1.1.1k)
+   (replacement openssl-1.1.1l)
    (source (origin
              (method url-fetch)
              (uri (list (string-append "https://www.openssl.org/source/openssl-"
@@ -490,11 +490,10 @@ required structures.")
    (license license:openssl)
    (home-page "https://www.openssl.org/")))
 
-;; Replacement package to fix CVE-2021-3449 and CVE-2021-3450.
-(define openssl-1.1.1k
+(define openssl-1.1.1l
   (package
     (inherit openssl)
-    (version "1.1.1k")
+    (version "1.1.1l")
     (source (origin
               (method url-fetch)
               (uri (list (string-append "https://www.openssl.org/source/openssl-"
@@ -507,7 +506,7 @@ required structures.")
               (patches (search-patches "openssl-1.1-c-rehash-in.patch"))
               (sha256
                (base32
-                "1rdfzcrxy9y38wqdw5942vmdax9hjhgrprzxm42csal7p5shhal9"))))))
+                "1lbblxps2fhmz7bqh058iywh5wxfignbfx1s1kz2fj63b5g3wyhb"))))))
 
 ;; We will not add any new uses of this package. If you add new code that uses
 ;; this package, your change will be reverted!
-- 
2.32.0
Reply sent to Leo Famulari <leo <at> famulari.name>:
You have taken responsibility. (Tue, 24 Aug 2021 20:51:02 GMT) Full text and rfc822 format available.
Notification sent to Leo Famulari <leo <at> famulari.name>:
bug acknowledged by developer. (Tue, 24 Aug 2021 20:51:02 GMT) Full text and rfc822 format available.

Message #10 received at 50188-done <at> debbugs.gnu.org (full text, mbox):

From: Leo Famulari <leo <at> famulari.name>
To: 50188-done <at> debbugs.gnu.org
Subject: Re: [PATCH] gnu: OpenSSL: Update to 1.1.1l [security fixes].
Date: Tue, 24 Aug 2021 16:50:37 -0400

An equivalent patch was pushed as 5422920b9eaaa0c6bf779588748595c66ca86ba3
bug archived. Request was from Debbugs Internal Request <help-debbugs <at> gnu.org> to internal_control <at> debbugs.gnu.org. (Wed, 22 Sep 2021 11:24:06 GMT) Full text and rfc822 format available.
This bug report was last modified 2 years and 215 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.