GNU bug report logs - #61353
[PATCH] gnu: OpenSSL 3: Update to 3.0.8 [security fixes].

Previous Next

Package: guix-patches;

Reported by: Leo Famulari <leo <at> famulari.name>

Date: Tue, 7 Feb 2023 21:00:02 UTC

Severity: normal

Tags: patch

Done: Leo Famulari <leo <at> famulari.name>

Bug is archived. No further changes may be made.

To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 61353 in the body.
You can then email your comments to 61353 AT debbugs.gnu.org in the normal way.

Toggle the display of automated, internal messages from the tracker.

View this report as an mbox folder, status mbox, maintainer mbox

Report forwarded to guix-patches <at> gnu.org:
bug#61353; Package guix-patches. (Tue, 07 Feb 2023 21:00:02 GMT) Full text and rfc822 format available.
Acknowledgement sent to Leo Famulari <leo <at> famulari.name>:
New bug report received and forwarded. Copy sent to guix-patches <at> gnu.org. (Tue, 07 Feb 2023 21:00:02 GMT) Full text and rfc822 format available.

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: Leo Famulari <leo <at> famulari.name>
To: guix-patches <at> gnu.org
Subject: [PATCH] gnu: OpenSSL 3: Update to 3.0.8 [security fixes].
Date: Tue,  7 Feb 2023 21:58:57 +0100

Fixes CVE-2023-0215, CVE-2023-0216, CVE-2023-0217, CVE-2023-0286, CVE-2023-0401,
CVE-2022-4203, CVE-2022-4304, and CVE-2022-4450.

https://www.openssl.org/news/secadv/20230207.txt

gnu/packages/tls.scm (openssl-3.0): Update to 3.0.8.
---
 gnu/packages/tls.scm | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm
index 66c111cb56..9eaa859a57 100644
--- a/gnu/packages/tls.scm
+++ b/gnu/packages/tls.scm
@@ -636,7 +636,7 @@ (define openssl/fixed
 (define-public openssl-3.0
   (package
     (inherit openssl-1.1)
-    (version "3.0.7")
+    (version "3.0.8")
     (source (origin
               (method url-fetch)
               (uri (list (string-append "https://www.openssl.org/source/openssl-"
@@ -649,7 +649,7 @@ (define-public openssl-3.0
               (patches (search-patches "openssl-3.0-c-rehash-in.patch"))
               (sha256
                (base32
-                "0virbkcrw7nn3gr5r51z722gs1ppig0casj0c9pnj3i65829s143"))))
+                "0gjb7qjl2jnzs1liz3rrccrddxbk6q3lg8z27jn1xwzx72zx44vc"))))
     (arguments
      (substitute-keyword-arguments (package-arguments openssl-1.1)
        ((#:phases phases '%standard-phases)
-- 
2.38.1
Reply sent to Leo Famulari <leo <at> famulari.name>:
You have taken responsibility. (Sat, 11 Feb 2023 22:19:02 GMT) Full text and rfc822 format available.
Notification sent to Leo Famulari <leo <at> famulari.name>:
bug acknowledged by developer. (Sat, 11 Feb 2023 22:19:02 GMT) Full text and rfc822 format available.

Message #10 received at 61353-done <at> debbugs.gnu.org (full text, mbox):

From: Leo Famulari <leo <at> famulari.name>
To: 61353-done <at> debbugs.gnu.org
Subject: Re: [PATCH] gnu: OpenSSL 3: Update to 3.0.8 [security fixes].
Date: Sat, 11 Feb 2023 23:18:15 +0100

Pushed as f844deb7acfb45f3b2f5a18cde5c662fc5ba0f6d
bug archived. Request was from Debbugs Internal Request <help-debbugs <at> gnu.org> to internal_control <at> debbugs.gnu.org. (Sun, 12 Mar 2023 11:24:13 GMT) Full text and rfc822 format available.
This bug report was last modified 1 year and 43 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.