8e462995ba
Bring my stdenv.lib.maintainers user name in line with my github nick.
8 years ago
bdafc6df04
openssl: 1.0.1s -> 1.0.1t, 1.0.2g -> 1.0.2h
...
CVE-2016-2108, high severity: Memory corruption in the ASN.1 encoder
CVE-2016-2107, high severity: Padding oracle in AES-NI CBC MAC check
CVE-2016-2105, low severity: EVP_EncodeUpdate overflow
CVE-2016-2106, low severity: EVP_EncryptUpdate overflow
CVE-2016-2109, low severity: ASN.1 BIO excessive memory allocation
CVE-2016-2176, low severity: EBCDIC overread
8 years ago
26f90102b8
openssl: fix indentation
8 years ago
e0d17fdf10
openssl: Use 1.0.2 by default
...
Provided that not too much breaks, we should probably cherry-pick this
to 16.03, since the end of the 1.0.1 support window is a bit too close
to the expected lifetime of 16.0.3. @domenkozar
8 years ago
cdbd14a1a8
openssl: 1.0.1r -> 1.0.1s, 1.0.2f -> 1.0.2g
...
CVE-2016-0800
8 years ago
b6ff8f9314
disable darwin-arch.patch on openssl >= 1.0.2
8 years ago
ef86e9506d
Untested fix for #13401
8 years ago
917ca8920d
Move setting $SSL_CERT_FILE to stdenv
...
Doing it in an openssl setup hook only works if packages have openssl
as a build input - it doesn't work if they're using a program linked
against openssl.
9 years ago
cc2cec6300
openssl: Unify 1.0.1 and 1.0.2 expressions
9 years ago
788da6894f
openssl: Compile in /etc/ssl/certs/ca-certificates.crt
9 years ago
9f358f809d
Configure a default trust store for openssl
9 years ago
2ecb6b4574
openssl: 1.0.1q -> 1.0.1r
...
CVE-2015-3197 (low severity)
9 years ago
fb3b9f5f8b
openssl: security update 1.0.1p -> 1.0.1q
...
Fixes CVE-2015-3194 and CVE-2015-3195.
Taken from #11469 .
9 years ago
1c0b060295
openssl: use prefixed windres and ranlib for cross build
9 years ago
741bf840da
Revert "Merge pull request #9543 from NixOS/staging.post-15.06"
...
This reverts commit f61176c539a27ca029ee
9 years ago
9fbb83b467
openssl: fixup after merge
9 years ago
eae9889b82
openssl: Major bump 1.0.1 -> 1.0.2
9 years ago
e1f78bf677
More docs/manpages in separate outputs
9 years ago
9539db1ec3
openssl: Update to 1.0.1p
9 years ago
507bb016cc
openssl: Clean up the cross compile arguments
...
Also add a check to make sure we don't depend on perl in the output
9 years ago
b333a2cb19
openssl: remove some cruft
9 years ago
a4178b1b8a
openssl: Update to 1.0.1o
...
From https://www.openssl.org/news/openssl-1.0.1-notes.html :
"Fix HMAC ABI incompatibility"
9 years ago
415407bd93
openssl: Update to 1.0.1n
...
CVE-2015-4000, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1792, CVE-2015-1791, CVE-2014-8176
9 years ago
3aee39bb83
openssl: Fix removal of the ssl/misc scripts
...
This drops the dependency of $out on Perl.
(cherry picked from commit a5fb18473e
9 years ago
afa5859716
openssl: Cleanup some old, untested patches
9 years ago
3f6949c3ef
cygwin: openssl for x86_64
9 years ago
2fe351c7e3
openssl: Update to 1.0.1m
...
Fixes various "Moderate" / "Low" CVEs:
http://openssl.org/news/secadv_20150319.txt
9 years ago
1fb78f8994
openssl: 1.0.1k -> 1.0.1l
9 years ago
dbbd849ce8
openssl: 1.0.1j -> 1.0.1k
...
(cherry picked from commit 70a7d4bd16454b8b27d404a109c615462cc4fa9e)
Signed-off-by: Domen Kožar <domen@dev.si>
10 years ago
c758ec756b
openssl: 1.0.1i -> 1.0.1j (CVE-2014-3513, CVE-2014-3567, CVE-2014-3568)
10 years ago
e431a3e0b5
openssl: make it deterministic
10 years ago
a70180ba73
mutiout: make it builtin
10 years ago
fb59f27a43
WIP: getting good
10 years ago
4dccb224c5
WIP2
10 years ago
5c276c4f68
openssl: update to version 1.0.1i
...
See https://www.openssl.org/news/secadv_20140806.txt for a long list of CVE numbers.
Fixes <https://github.com/NixOS/nixpkgs/issues/3485 >.
10 years ago
15f092d7a7
openssl: 1.0.1g -> 1.0.1h
...
CVE-2014-0224
CVE-2014-0221
CVE-2014-0195
CVE-2014-0198
CVE-2010-5298
CVE-2014-3470
10 years ago
9ec52d6323
Fixes to make basic builds on Cygwin work again + additions to support x86_64-cygwin
10 years ago
1140f06e0f
openssl: 1.0.1f -> 1.0.1g
...
CVE-2014-0160, CVE-2014-0076
10 years ago
5e95800f26
openssl: Use Darwin patch for cross-builds too.
...
Might be better to have something like stdenv.isDarwinTarget, which can
be used to test for native Darwin _and_ cross-built Darwin as a target.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
10 years ago
30962765e0
openssl/cross: Fix build for Darwin.
...
This is just a minor fix, because when using "darwin64-x86_64-cc" for
config.openssl.system, the OpenSSL build scripts try to compile with
$prefix-cc, which is not available with the gcc-cross-wrapper.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
10 years ago
f0037b85d1
Revert "openssl: security update 1.0.1e -> f". This update is part of stdenv-updates already, which should be merged
...
relatively soon.
This reverts commit f1766c252f
11 years ago
f1766c252f
openssl: security update 1.0.1e -> f
...
It's supposed to fix CVE-2013-{4353,6449,6450}
http://www.openssl.org/news/openssl-1.0.1-notes.html
I just tested the build succeeds, the list of major changes seems safe.
11 years ago
340b6ab649
openssl: Update to 1.0.1f
...
CVE-2013-6449, CVE-2013-6450, CVE-2013-4353.
11 years ago
2cfeca153c
openssl, cups: Fix stripping libraries
11 years ago
2c9fa33521
openssl: Split header files from the libraries
11 years ago
a5fb18473e
openssl: Fix removal of the ssl/misc scripts
...
This drops the dependency of $out on Perl.
11 years ago
cf42601f92
Coreutils update and Illumos compatibility fixes.
...
- GNU Coreutils 8.21
- Add is64Bit checks to stdenv for Solaris.
- Fix OpenSSL Illumos build.
11 years ago
e259e52a7d
openssl: update to version 1.0.1e
12 years ago
ab3eeabfed
Rename buildNativeInputs -> nativeBuildInputs
...
Likewise for propagatedBuildNativeInputs, etc. "buildNativeInputs"
sounds like an imperative rather than a noun phrase.
12 years ago
88f7000aa4
openssl: Fix building on Darwin
...
http://hydra.nixos.org/build/3491716
12 years ago
Peter Simons