From: Leo Famulari <leo@famulari.name>
Date: Tue, 8 Dec 2020 18:04:29 +0000 (-0500)
Subject: gnu: OpenSSL: Update to 1.1.1i [fixes CVE-2020-1971].
X-Git-Url: https://git.hcoop.net/jackhill/guix/guix.git/commitdiff_plain/02b21f35cc610216bc9b71f4970a00759aa8b14e

gnu: OpenSSL: Update to 1.1.1i [fixes CVE-2020-1971].

* gnu/packages/tls.scm (openssl)[replacement]: Update replacement to 1.1.1i
(openssl-1.1.1g): Replace with ...
(openssl-1.1.1i): ... new variable.
---

diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm
index 28c6d8c392..008578cd8f 100644
--- a/gnu/packages/tls.scm
+++ b/gnu/packages/tls.scm
@@ -307,7 +307,7 @@ required structures.")
   (package
    (name "openssl")
    (version "1.1.1f")
-   (replacement openssl-1.1.1g)
+   (replacement openssl-1.1.1i)
    (source (origin
              (method url-fetch)
              (uri (list (string-append "https://www.openssl.org/source/openssl-"
@@ -439,10 +439,10 @@ required structures.")
    (license license:openssl)
    (home-page "https://www.openssl.org/")))
 
-(define openssl-1.1.1g
+(define openssl-1.1.1i
   (package
    (inherit openssl)
-   (version "1.1.1g")
+   (version "1.1.1i")
    (source (origin
              (method url-fetch)
              (uri (list (string-append "https://www.openssl.org/source/openssl-"
@@ -455,7 +455,7 @@ required structures.")
              (patches (search-patches "openssl-1.1-c-rehash-in.patch"))
              (sha256
               (base32
-               "0ikdcc038i7jk8h7asq5xcn8b1xc2rrbc88yfm4hqbz3y5s4gc6x"))))))
+               "0hjj1phcwkz69lx1lrvr9grhpl4y529mwqycqc1hdla1zqsnmgp8"))))))
 
 (define-public openssl-1.0
   (package