summary refs log tree commit diff
path: root/gnu/packages/tls.scm
diff options
context:
space:
mode:
Diffstat (limited to 'gnu/packages/tls.scm')
-rw-r--r--gnu/packages/tls.scm37
1 files changed, 5 insertions, 32 deletions
diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm
index 25493cc7ca..fee6276674 100644
--- a/gnu/packages/tls.scm
+++ b/gnu/packages/tls.scm
@@ -165,7 +165,6 @@ living in the same process.")
   (package
     (name "gnutls")
     (version "3.6.15")
-    (replacement gnutls/fixed)
     (source (origin
               (method url-fetch)
               ;; Note: Releases are no longer on ftp.gnu.org since the
@@ -174,7 +173,9 @@ living in the same process.")
                                   (version-major+minor version)
                                   "/gnutls-" version ".tar.xz"))
               (patches (search-patches "gnutls-skip-trust-store-test.patch"
-                                       "gnutls-cross.patch"))
+                                       "gnutls-cross.patch"
+                                       "gnutls-CVE-2021-20231.patch"
+                                       "gnutls-CVE-2021-20232.patch"))
               (sha256
                (base32
                 "0n0m93ymzd0q9hbknxc2ycanz49sqlkyyf73g9fk7n787llc7a0f"))))
@@ -257,15 +258,6 @@ required structures.")
     (properties '((ftp-server . "ftp.gnutls.org")
                   (ftp-directory . "/gcrypt/gnutls")))))
 
-(define gnutls/fixed
-  (package
-    (inherit gnutls)
-    (source (origin
-              (inherit (package-source gnutls))
-              (patches (append (search-patches "gnutls-CVE-2021-20231.patch"
-                                               "gnutls-CVE-2021-20232.patch")
-                               (origin-patches (package-source gnutls))))))))
-
 (define-public gnutls/guile-2.0
   ;; GnuTLS for Guile 2.0.
   (package/inherit gnutls
@@ -296,8 +288,7 @@ required structures.")
 (define-public openssl
   (package
    (name "openssl")
-   (replacement openssl/fixed)
-   (version "1.1.1i")
+   (version "1.1.1j")
    (source (origin
              (method url-fetch)
              (uri (list (string-append "https://www.openssl.org/source/openssl-"
@@ -310,7 +301,7 @@ required structures.")
              (patches (search-patches "openssl-1.1-c-rehash-in.patch"))
              (sha256
               (base32
-               "0hjj1phcwkz69lx1lrvr9grhpl4y529mwqycqc1hdla1zqsnmgp8"))))
+               "1gw17520vh13izy1xf5q0a2fqgcayymjjj5bk0dlkxndfnszrwma"))))
    (build-system gnu-build-system)
    (outputs '("out"
               "doc"         ;6.8 MiB of man3 pages and full HTML documentation
@@ -431,24 +422,6 @@ required structures.")
    (license license:openssl)
    (home-page "https://www.openssl.org/")))
 
-(define-public openssl/fixed
-  (package
-   (inherit openssl)
-   (version "1.1.1k")
-   (source (origin
-             (method url-fetch)
-             (uri (list (string-append "https://www.openssl.org/source/openssl-"
-                                       version ".tar.gz")
-                        (string-append "ftp://ftp.openssl.org/source/"
-                                       "openssl-" version ".tar.gz")
-                        (string-append "ftp://ftp.openssl.org/source/old/"
-                                       (string-trim-right version char-set:letter)
-                                       "/openssl-" version ".tar.gz")))
-             (patches (search-patches "openssl-1.1-c-rehash-in.patch"))
-             (sha256
-              (base32
-               "1rdfzcrxy9y38wqdw5942vmdax9hjhgrprzxm42csal7p5shhal9"))))))
-
 (define-public openssl-1.0
   (package
     (inherit openssl)
generated by cgit-pink 1.4.1 (git 2.36.1) at 2025-02-05 16:14:47 +0000