Vladimír Čunát
7cda2823be
openssl_1_0_2: mark as insecure; fixes #77503 (kinda)
...
No vulnerabilities are know so far (to me), but still I'd go this way.
Especially for 20.03 it seems better to deprecate it before official
release happens.
Current casualties:
$ ./maintainers/scripts/rebuild-amount.sh --print HEAD HEAD^
Estimating rebuild amount by counting changed Hydra jobs.
87 x86_64-darwin
161 x86_64-linux
4 years ago
Vladimír Čunát
5a8000dc05
openssl: revert a workaround that's no longer needed
...
Thanks to python3Minimal. This reverts part of c2038483f
#79738 .
4 years ago
Vladimír Čunát
c2038483fd
glibc, openssl: unbreak cross eval (with minor caveats)
...
It's certainly better to have those two caveats than not evaluate.
Both seem rather niche. Unfortunately I failed to find a better way.
I started testing builds of several cross variants; all seem OK.
4 years ago
Antonio Nuno Monteiro
4b34c18e31
pkgsStatic: make OpenSSL 1.1 compile ( #77542 )
...
* pkgsStatic: make OpenSSL 1.1 compile
4 years ago
Matthew Bauer
f23ad86d6f
openssl: don’t separate debug info on useLLVM
...
fixes #77779
4 years ago
Jörg Thalheim
00a2084a40
openssl: fix build linux with clangStdenv
4 years ago
Vladimír Čunát
e4c89a66fe
openssl_1_0_2: 1.0.2t -> 1.0.2u (low-severity security)
...
Fixes #77266 : CVE-2019-1551
https://www.openssl.org/news/secadv/20191206.txt
(cherry picked from commit 961d0cf9f5
)
Oops - I realized too late that the rebuild amount is minimal,
so why not have it immediately in master.
4 years ago
Vladimír Čunát
961d0cf9f5
openssl_1_0_2: 1.0.2t -> 1.0.2u (low-severity security)
...
Fixes #77266 : CVE-2019-1551
https://www.openssl.org/news/secadv/20191206.txt
4 years ago
Frederik Rietdijk
af491cbb7d
openssl: use old method for configuring on i686, fixes #71786
...
unbreaks pkgsi686Linux.openssl_1_0_2
5 years ago
Ding Xiang Fei
703e44675c
openssl: switch to linux-x86 and linux-x86_64 targets
5 years ago
Frederik Rietdijk
c35938870e
Revert "openssl: switch to linux-x86 and linux-x86_64 targets"
...
Mass-rebuild and should go to staging instead.
This reverts commit 4c8695f835
.
5 years ago
Ding Xiang Fei
4c8695f835
openssl: switch to linux-x86 and linux-x86_64 targets
5 years ago
Moritz Angermann
2df354fd1e
fix openssl
5 years ago
Moritz Angermann
8b393304b1
[win32] fix openssl
5 years ago
Vladimír Čunát
22a216849b
Re-Revert "Merge branch 'staging-next'"
...
This reverts commit f8a8fc6c7c
.
5 years ago
Vladimír Čunát
f8a8fc6c7c
Revert "Merge branch 'staging-next'"
...
This reverts commit 41af38f372
, reversing
changes made to f0fec244ca
.
Let's delay this. We have some serious regressions.
5 years ago
Andreas Rammhold
20c7a35429
openssl_1_0_2: fixup sha256
5 years ago
Andreas Rammhold
d49fb86b1b
openssl: 1.1.1c -> 1.1.1d
...
(cherry picked from commit 76d54c72acaaa32e2c1f8b13002f0ceac3b7b06f)
5 years ago
Andreas Rammhold
5d5cd70516
openssl_1_0_2: 1.0.2s -> 1.0.2t
...
(cherry picked from commit aa6327c29c2de41a61db5aef8444385c531d4cc2)
5 years ago
Guillaume Maudoux
92b96ce63f
openssl: fix man pages collisions ( #66317 )
5 years ago
volth
35d68ef143
treewide: remove redundant quotes
5 years ago
volth
c814d72b51
treewide: name -> pname
5 years ago
volth
f3282c8d1e
treewide: remove unused variables ( #63177 )
...
* treewide: remove unused variables
* making ofborg happy
5 years ago
Will Dietz
642c9a7e74
Revert "openssl: fix CVE-2019-1543"
...
This reverts commit aae4c114a4
.
5 years ago
Will Dietz
f6297de3bc
openssl: 1.1.1b -> 1.1.1c
...
https://mta.openssl.org/pipermail/openssl-announce/2019-May/000153.html
5 years ago
Will Dietz
c83b9bb6aa
openssl: 1.0.2r -> 1.0.2s
...
https://mta.openssl.org/pipermail/openssl-announce/2019-May/000151.html
5 years ago
Tom Bereknyei
aae4c114a4
openssl: fix CVE-2019-1543
...
Closes https://github.com/NixOS/nixpkgs/pull/61827 .
Fixes https://github.com/NixOS/nixpkgs/issues/60107 .
5 years ago
Alyssa Ross
fc4a8f63c4
openssl: 1.0.2q -> 1.0.2r
...
(cherry picked from commit 9c94d74836
)
From PR #56414 . Forward-picking from staging to staging-next,
as minor openssl bumps tend to be fairly breakage-free.
5 years ago
Alyssa Ross
fed0926960
openssl_1_1: 1.1.1a -> 1.1.1b
5 years ago
Alyssa Ross
9c94d74836
openssl: 1.0.2q -> 1.0.2r
5 years ago
Vladimír Čunát
6f61d8b0f6
openssl_1_1: use the same default CA path as 1.0.*
...
Fixes https://github.com/NixOS/nixpkgs/issues/54437
5 years ago
Andrew Dunham
14087abe6a
openssl_1_1: Add "doc" output to contain HTML documentation
...
This prevents cluttering up openssl_1_1.out with many megabytes of
documentation.
Fixes #51659
6 years ago
Daniel Goertzen
e8bce19aea
openssl: fix cross compile (perl)
...
Fixes issue #50921 . Build result was depending on build perl instead of
host perl which broke cross compilation.
6 years ago
Jan Malakhovski
7c48015019
openssl: fix `cryptodev` fallout from d836b811cb
6 years ago
Alyssa Ross
d012516c44
openssl_1_1: 1.1.1 -> 1.1.1a
...
CVE-2018-0734: https://www.openssl.org/news/vulnerabilities.html#2018-0734
CVE-2018-0735: https://www.openssl.org/news/vulnerabilities.html#2018-0735
6 years ago
Alyssa Ross
ae29a9e688
openssl: 1.0.2p -> 1.0.2q
...
CVE-2018-0734: https://www.openssl.org/news/vulnerabilities.html#2018-0734
CVE-2018-5407: https://www.openssl.org/news/vulnerabilities.html#2018-5407
No patches can any longer be shared between 1.0.2 and 1.1, so reorganize
patches into subdirectories (and remove an unused one).
6 years ago
Ben Wolsieffer
d3ba32e117
openssl: don't autodetect platform on armv6/7l
6 years ago
Alyssa Ross
1ec301ded2
openssl: 1.1.0 -> 1.1.1 ( #46524 )
6 years ago
John Ericson
0828e2d8c3
treewide: Remove usage of remaining redundant platform compatability stuff
...
Want to get this out of here for 18.09, so it can be deprecated
thereafter.
6 years ago
Markus Kowalewski
4ba295b797
openssl: add license
6 years ago
Andreas Rammhold
98a7b92261
openssl_1_0_2: 1.0.2o -> 1.0.2p
...
this addresses:
- Client DoS due to large DH parameter (CVE-2018-0732)
- Cache timing vulnerability in RSA Key Generation (CVE-2018-0737)
Changelog: https://www.openssl.org/news/cl102.txt
6 years ago
Andreas Rammhold
0a40875439
openssl_1_1_0: 1.1.0h -> 1.1.0i
...
this addresses:
- Client DoS due to large DH parameter (CVE-2018-0732)
- Cache timing vulnerability in RSA Key Generation (CVE-2018-0737)
Changelog: https://www.openssl.org/news/changelog.html#x1
6 years ago
Jan Malakhovski
7ea0904347
openssl: fix tests, also cleanup
6 years ago
Franz Pletz
459a34ce5f
openssl_1_1_0: add patch to fix c_rehash quoting
6 years ago
Matthew Bauer
522b61a069
openssl: work with mingw32
6 years ago
volth
52f53c69ce
pkgs/*: remove unreferenced function arguments
6 years ago
Niklas Hambüchen
479dcc3b54
openssl: Add `static` flag.
...
Its effect on `postInstall` is carefully written to not
cause recompilation in the default case.
6 years ago
Silvan Mosberger
57bccb3cb8
treewide: http -> https sources ( #42676 )
...
* treewide: http -> https sources
This updates the source urls of all top-level packages from http to
https where possible.
* buildtorrent: fix url and tab -> spaces
6 years ago
John Ericson
0c3efb9ba0
openssl: Support iOS cross compilation (in theory)
6 years ago
WilliButz
01a4d957dd
openssl: enable parallel building
...
There is no improvement for the build duration of openssl 1.0
but the one of openssl 1.1 is reduced significantly.
6 years ago