forked from mirrors/nixpkgs
openssl_1_1_0: 1.1.0h -> 1.1.0i
this addresses: - Client DoS due to large DH parameter (CVE-2018-0732) - Cache timing vulnerability in RSA Key Generation (CVE-2018-0737) Changelog: https://www.openssl.org/news/changelog.html#x1
This commit is contained in:
parent
0a17d08a97
commit
0a40875439
|
@ -124,11 +124,8 @@ in {
|
|||
};
|
||||
|
||||
openssl_1_1_0 = common {
|
||||
version = "1.1.0h";
|
||||
sha256 = "05x509lccqjscgyi935z809pwfm708islypwhmjnb6cyvrn64daq";
|
||||
patches = [
|
||||
./revert-relaxed-quoting.patch
|
||||
];
|
||||
version = "1.1.0i";
|
||||
sha256 = "16fgaf113p6s5ixw227sycvihh3zx6f6rf0hvjjhxk68m12cigzb";
|
||||
};
|
||||
|
||||
}
|
||||
|
|
|
@ -1,37 +0,0 @@
|
|||
From 7ee2a43069913fb7c444c656048996ea92cc465e Mon Sep 17 00:00:00 2001
|
||||
From: Richard Levitte <levitte@openssl.org>
|
||||
Date: Wed, 28 Mar 2018 14:46:27 +0200
|
||||
Subject: [PATCH] Revert "util/dofile.pl: only quote stuff that actually needs
|
||||
quoting"
|
||||
|
||||
This wasn't a good solution, too many things depend on the quotes being
|
||||
there consistently.
|
||||
|
||||
This reverts commit 49cd47eaababc8c57871b929080fc1357e2ad7b8.
|
||||
|
||||
Fixes #5772
|
||||
|
||||
Reviewed-by: Rich Salz <rsalz@openssl.org>
|
||||
(Merged from https://github.com/openssl/openssl/pull/5773)
|
||||
|
||||
(cherry picked from commit 00701e5ea84861b74d9d624f21a6b3fcb12e8acd)
|
||||
---
|
||||
util/dofile.pl | 4 ++--
|
||||
1 file changed, 2 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/util/dofile.pl b/util/dofile.pl
|
||||
index fc72989b0fd..a932941cd5a 100644
|
||||
--- a/util/dofile.pl
|
||||
+++ b/util/dofile.pl
|
||||
@@ -99,9 +99,9 @@ package main;
|
||||
# This adds quotes (") around the given string, and escapes any $, @, \,
|
||||
# " and ' by prepending a \ to them.
|
||||
sub quotify1 {
|
||||
- my $s = my $orig = shift @_;
|
||||
+ my $s = shift @_;
|
||||
$s =~ s/([\$\@\\"'])/\\$1/g;
|
||||
- $s ne $orig || $s =~ /\s/ ? '"'.$s.'"' : $s;
|
||||
+ '"'.$s.'"';
|
||||
}
|
||||
|
||||
# quotify_l LIST
|
Loading…
Reference in a new issue