gnu: OpenSSL 1.0.2: Fix CVE-2018-{0495,0732}.

* gnu/packages/patches/openssl-1.0.2-CVE-2018-0495.patch, gnu/packages/patches/openssl-1.0.2-CVE-2018-0732.patch: New files. * gnu/local.mk (dist_patch_DATA): Add them. * gnu/packages/tls.scm (openssl)[replacement]: New field. (openssl/fixed): New variable.
author: Leo Famulari <leo@famulari.name> 2018-06-14 16:26:57 -0400
committer: Leo Famulari <leo@famulari.name> 2018-06-18 12:04:49 -0400
commit: b8ea0db3aebf6ec9b1f3720759897d97bc2fcd48 (patch)
tree: c7e7e0e31e9131af083b4b388b3a25ce35a1785a /gnu/packages/tls.scm
parent: 32eb44240db23b2320a68a3ab17370531945587f (diff)
download: guix-b8ea0db3aebf6ec9b1f3720759897d97bc2fcd48.tar.gz
1 files changed, 10 insertions, 0 deletions
diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm
index 35134025b8..69edd32582 100644
--- a/gnu/packages/tls.scm
+++ b/gnu/packages/tls.scm
@@ -260,6 +260,7 @@ required structures.")
 (define-public openssl
   (package
    (name "openssl")
+   (replacement openssl/fixed)
    (version "1.0.2o")
    (source (origin
              (method url-fetch)
@@ -396,6 +397,15 @@ required structures.")
    (license license:openssl)
    (home-page "https://www.openssl.org/")))
 
+(define openssl/fixed
+  (package
+    (inherit openssl)
+    (source (origin
+              (inherit (package-source openssl))
+              (patches (append (origin-patches (package-source openssl))
+                               (search-patches "openssl-1.0.2-CVE-2018-0495.patch"
+                                               "openssl-1.0.2-CVE-2018-0732.patch")))))))
+
 (define-public openssl-next
   (package
     (inherit openssl)
author	Leo Famulari <leo@famulari.name>	2018-06-14 16:26:57 -0400
committer	Leo Famulari <leo@famulari.name>	2018-06-18 12:04:49 -0400
commit	b8ea0db3aebf6ec9b1f3720759897d97bc2fcd48 (patch)
tree	c7e7e0e31e9131af083b4b388b3a25ce35a1785a /gnu/packages/tls.scm
parent	32eb44240db23b2320a68a3ab17370531945587f (diff)
download	guix-b8ea0db3aebf6ec9b1f3720759897d97bc2fcd48.tar.gz