gnu: openssl@1.1: Update to 1.1.0i [fix CVE-2018-0737].

Also includes a fix for CVE-2018-0732, and a different approach to
fixing CVE-2018-0495.

* gnu/packages/tls.scm (openssl-next): Update to 1.1.0i.
[sources]: Remove CVE patches.
* gnu/packages/patches/openssl-1.1.0-CVE-2018-0495.patch: Delete...
* gnu/packages/patches/openssl-1.1.0-CVE-2018-0732.patch: ...both files.
* gnu/local.mk (dist_patch_DATA): Remove them.

1 files changed, 4 insertions, 6 deletions

diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm
index cafe71bd41..28d2ea5fd5 100644
--- a/gnu/packages/tls.scm
+++ b/gnu/packages/tls.scm
@@ -410,7 +410,7 @@ required structures.")
   (package
     (inherit openssl)
     (name "openssl")
-    (version "1.1.0h")
+    (version "1.1.0i")
     (source (origin
              (method url-fetch)
              (uri (list (string-append "https://www.openssl.org/source/openssl-"
@@ -420,14 +420,12 @@ required structures.")
                         (string-append "ftp://ftp.openssl.org/source/old/"
                                        (string-trim-right version char-set:letter)
                                        "/" name "-" version ".tar.gz")))
-              (patches (search-patches "openssl-1.1.0-c-rehash-in.patch"
-                                       "openssl-1.1.0-CVE-2018-0495.patch"
-                                       "openssl-1.1.0-CVE-2018-0732.patch"))
+              (patches (search-patches "openssl-1.1.0-c-rehash-in.patch"))
               (sha256
                (base32
-                "05x509lccqjscgyi935z809pwfm708islypwhmjnb6cyvrn64daq"))))
+                "16fgaf113p6s5ixw227sycvihh3zx6f6rf0hvjjhxk68m12cigzb"))))
     (outputs '("out"
-               "doc"        ;1.3MiB of man3 pages
+               "doc"        ; 1.3MiB of man3 pages
                "static"))   ; 5.5MiB of .a files
     (arguments
      (substitute-keyword-arguments (package-arguments openssl)