guix-commits
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

02/02: gnu: openssl: Update to 1.0.2f [fixes CVE-2015-3197 and CVE-2016-


From: Mark H. Weaver
Subject: 02/02: gnu: openssl: Update to 1.0.2f [fixes CVE-2015-3197 and CVE-2016-0701].
Date: Thu, 28 Jan 2016 15:01:44 +0000

mhw pushed a commit to branch security-updates
in repository guix.

commit ea9de5a72e3123bad9b687075b09ee2174a6df48
Author: Mark H Weaver <address@hidden>
Date:   Thu Jan 28 09:50:31 2016 -0500

    gnu: openssl: Update to 1.0.2f [fixes CVE-2015-3197 and CVE-2016-0701].
    
    * gnu/packages/tls.scm (openssl): Update to 1.0.2f.
      [arguments]: Remove the 'fix-broken-symlinks' phase.
---
 gnu/packages/tls.scm |   27 +++------------------------
 1 files changed, 3 insertions(+), 24 deletions(-)

diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm
index a22991c..4407fa3 100644
--- a/gnu/packages/tls.scm
+++ b/gnu/packages/tls.scm
@@ -1,6 +1,6 @@
 ;;; GNU Guix --- Functional package management for GNU
 ;;; Copyright © 2012, 2013, 2014, 2015 Ludovic Courtès <address@hidden>
-;;; Copyright © 2014, 2015 Mark H Weaver <address@hidden>
+;;; Copyright © 2014, 2015, 2016 Mark H Weaver <address@hidden>
 ;;; Copyright © 2014 Ian Denhardt <address@hidden>
 ;;; Copyright © 2013, 2015 Andreas Enge <address@hidden>
 ;;; Copyright © 2015 David Thompson <address@hidden>
@@ -180,14 +180,14 @@ required structures.")
 (define-public openssl
   (package
    (name "openssl")
-   (version "1.0.2e")
+   (version "1.0.2f")
    (source (origin
             (method url-fetch)
             (uri (string-append "ftp://ftp.openssl.org/source/openssl-"; version
                                 ".tar.gz"))
             (sha256
              (base32
-              "1zqb1rff1wikc62a7vj5qxd1k191m8qif5d05mwdxz2wnzywlg72"))
+              "171fkdg9v6j29d962nh6kb79kfm8kkhy7n9makw39d7jvvj4wawk"))
             (patches (map search-patch
                           '("openssl-runpath.patch"
                             "openssl-c-rehash.patch")))))
@@ -243,27 +243,6 @@ required structures.")
                        (find-files (string-append out "/lib")
                                    "\\.so"))
              #t)))
-        (add-after
-         'unpack 'fix-broken-symlinks
-         (lambda _
-           ;; Repair the broken symlinks in the openssl-1.0.2e tarball.
-           (let* ((link-prefix "openssl-1.0.2e/")
-                  (link-prefix-length (string-length link-prefix))
-                  (broken-links
-                   (find-files "." (lambda (file stat)
-                                     (and (eq? 'symlink (stat:type stat))
-                                          (string-prefix? link-prefix
-                                                          (readlink file)))))))
-             (when (null? broken-links)
-               (error "The 'fix-broken-symlinks' phase is obsolete; remove 
it"))
-             (for-each (lambda (file)
-                         (let* ((old-target (readlink file))
-                                (new-target (string-drop old-target
-                                                         link-prefix-length)))
-                           (delete-file file)
-                           (symlink new-target file)))
-                       broken-links)
-             #t)))
         (add-before
          'patch-source-shebangs 'patch-tests
          (lambda* (#:key inputs native-inputs #:allow-other-keys)



reply via email to

[Prev in Thread] Current Thread [Next in Thread]