(address . guix-patches@gnu.org)(name . Denis 'GNUtoo' Carikli)(address . GNUtoo@cyberdimension.org)
The patch that will follow updates OpenSSL 1.1 to the last version to fix the following CVEs:
* CVE-2023-0215 [1]
* CVE-2023-0286 [2]
* CVE-2023-0464 [3]
* CVE-2023-0465 [4]
* CVE-2023-0466 [5]
* CVE-2023-2650 [6]
* CVE-2022-4304 [7]
* CVE-2022-4450 [8]
While OpenSSL builds fine and that all its test pass on x86_64, it also has a
significant number of reverse dependencies (about 6850, so more than 300) that
need to be rebuilt.
Denis 'GNUtoo' Carikli (1):
gnu: openssl-1.1: Update to 1.1.1u [security fixes].
gnu/packages/tls.scm | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
base-commit: 39fbc041f92489ec30075a85937c8a38723752dc
--
2.41.0