(address . guix-patches@gnu.org)
319db45acb202e19aaf6b6479a2bcbec1ba78980.1695673020.git.mail@cbaines.net
From: Sevan Janiyan <venture37@geeklan.co.uk>
Address various CVEs.
* gnu/packages/tls.scm (openssl-3.1.3): New variable.
(openssl-3.0)[replacement]: Use it.
---
gnu/packages/tls.scm | 19 +++++++++++++++++++
1 file changed, 19 insertions(+)
Toggle diff (41 lines)
diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm
index b669ac2e8d..62af3589a7 100644
--- a/gnu/packages/tls.scm
+++ b/gnu/packages/tls.scm
@@ -571,6 +571,7 @@ (define-public openssl-3.0
(package
(inherit openssl-1.1)
(version "3.0.8")
+ (replacement openssl-3.1.3)
(source (origin
(method url-fetch)
(uri (list (string-append "https://www.openssl.org/source/openssl-"
@@ -605,6 +606,24 @@ (define-public openssl-3.0
(define-public openssl openssl-3.0)
+(define-public openssl-3.1.3
+ (package
+ (inherit openssl-3.0)
+ (version "3.1.3")
+ (source (origin
+ (method url-fetch)
+ (uri (list (string-append "https://www.openssl.org/source/openssl-"
+ version ".tar.gz")
+ (string-append "ftp://ftp.openssl.org/source/"
+ "openssl-" version ".tar.gz")
+ (string-append "ftp://ftp.openssl.org/source/old/"
+ (string-trim-right version char-set:letter)
+ "/openssl-" version ".tar.gz")))
+ (patches (search-patches "openssl-3.0-c-rehash-in.patch"))
+ (sha256
+ (base32
+ "1xmc5s5ihapvj9k4d33qjch3104zd1c58i3n54sz5rw9plp6lcgh"))))))
+
(define-public bearssl
(package
(name "bearssl")
base-commit: fafd3caef0d51811a5da81d6061789e2908b0dac
--
2.41.0