From 0a40875439c1c1fa562317f27d8431c87b6ecc08 Mon Sep 17 00:00:00 2001 From: Andreas Rammhold Date: Wed, 15 Aug 2018 21:12:00 +0200 Subject: openssl_1_1_0: 1.1.0h -> 1.1.0i this addresses: - Client DoS due to large DH parameter (CVE-2018-0732) - Cache timing vulnerability in RSA Key Generation (CVE-2018-0737) Changelog: https://www.openssl.org/news/changelog.html#x1 --- pkgs/development/libraries/openssl/default.nix | 7 ++-- .../libraries/openssl/revert-relaxed-quoting.patch | 37 ---------------------- 2 files changed, 2 insertions(+), 42 deletions(-) delete mode 100644 pkgs/development/libraries/openssl/revert-relaxed-quoting.patch (limited to 'pkgs/development/libraries/openssl') diff --git a/pkgs/development/libraries/openssl/default.nix b/pkgs/development/libraries/openssl/default.nix index 35538b99060e..b09809f89249 100644 --- a/pkgs/development/libraries/openssl/default.nix +++ b/pkgs/development/libraries/openssl/default.nix @@ -124,11 +124,8 @@ in { }; openssl_1_1_0 = common { - version = "1.1.0h"; - sha256 = "05x509lccqjscgyi935z809pwfm708islypwhmjnb6cyvrn64daq"; - patches = [ - ./revert-relaxed-quoting.patch - ]; + version = "1.1.0i"; + sha256 = "16fgaf113p6s5ixw227sycvihh3zx6f6rf0hvjjhxk68m12cigzb"; }; } diff --git a/pkgs/development/libraries/openssl/revert-relaxed-quoting.patch b/pkgs/development/libraries/openssl/revert-relaxed-quoting.patch deleted file mode 100644 index ebe7c0ef26ce..000000000000 --- a/pkgs/development/libraries/openssl/revert-relaxed-quoting.patch +++ /dev/null @@ -1,37 +0,0 @@ -From 7ee2a43069913fb7c444c656048996ea92cc465e Mon Sep 17 00:00:00 2001 -From: Richard Levitte -Date: Wed, 28 Mar 2018 14:46:27 +0200 -Subject: [PATCH] Revert "util/dofile.pl: only quote stuff that actually needs - quoting" - -This wasn't a good solution, too many things depend on the quotes being -there consistently. - -This reverts commit 49cd47eaababc8c57871b929080fc1357e2ad7b8. - -Fixes #5772 - -Reviewed-by: Rich Salz -(Merged from https://github.com/openssl/openssl/pull/5773) - -(cherry picked from commit 00701e5ea84861b74d9d624f21a6b3fcb12e8acd) ---- - util/dofile.pl | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/util/dofile.pl b/util/dofile.pl -index fc72989b0fd..a932941cd5a 100644 ---- a/util/dofile.pl -+++ b/util/dofile.pl -@@ -99,9 +99,9 @@ package main; - # This adds quotes (") around the given string, and escapes any $, @, \, - # " and ' by prepending a \ to them. - sub quotify1 { -- my $s = my $orig = shift @_; -+ my $s = shift @_; - $s =~ s/([\$\@\\"'])/\\$1/g; -- $s ne $orig || $s =~ /\s/ ? '"'.$s.'"' : $s; -+ '"'.$s.'"'; - } - - # quotify_l LIST -- cgit 1.4.1