Eelco Dolstra
e0d17fdf10
openssl: Use 1.0.2 by default
...
Provided that not too much breaks, we should probably cherry-pick this
to 16.03, since the end of the 1.0.1 support window is a bit too close
to the expected lifetime of 16.0.3. @domenkozar
2016-03-01 15:25:53 +01:00
Eelco Dolstra
cdbd14a1a8
openssl: 1.0.1r -> 1.0.1s, 1.0.2f -> 1.0.2g
...
CVE-2016-0800
2016-03-01 15:18:57 +01:00
Eelco Dolstra
ef86e9506d
Untested fix for #13401
2016-02-24 14:01:20 +01:00
Eelco Dolstra
917ca8920d
Move setting $SSL_CERT_FILE to stdenv
...
Doing it in an openssl setup hook only works if packages have openssl
as a build input - it doesn't work if they're using a program linked
against openssl.
2016-02-03 13:59:10 +01:00
Eelco Dolstra
cc2cec6300
openssl: Unify 1.0.1 and 1.0.2 expressions
2016-02-03 13:54:22 +01:00
Eelco Dolstra
788da6894f
openssl: Compile in /etc/ssl/certs/ca-certificates.crt
2016-02-03 13:45:05 +01:00
Guillaume Maudoux
9f358f809d
Configure a default trust store for openssl
2016-02-03 12:42:01 +01:00
Eelco Dolstra
2ecb6b4574
openssl: 1.0.1q -> 1.0.1r
...
CVE-2015-3197 (low severity)
2016-01-28 18:57:23 +01:00
codsl
fb3b9f5f8b
openssl: security update 1.0.1p -> 1.0.1q
...
Fixes CVE-2015-3194 and CVE-2015-3195.
Taken from #11469 .
2015-12-05 11:25:27 +01:00
Matthias C. M. Troffaes
1c0b060295
openssl: use prefixed windres and ranlib for cross build
2015-11-04 08:48:38 +00:00
Eelco Dolstra
e1f78bf677
More docs/manpages in separate outputs
2015-07-27 00:27:54 +02:00
Eelco Dolstra
9539db1ec3
openssl: Update to 1.0.1p
2015-07-09 15:15:52 +02:00
William A. Kennington III
507bb016cc
openssl: Clean up the cross compile arguments
...
Also add a check to make sure we don't depend on perl in the output
2015-06-20 14:30:18 -07:00
Peter Simons
b333a2cb19
openssl: remove some cruft
2015-06-16 14:19:25 +02:00
Eelco Dolstra
a4178b1b8a
openssl: Update to 1.0.1o
...
From https://www.openssl.org/news/openssl-1.0.1-notes.html :
"Fix HMAC ABI incompatibility"
2015-06-16 14:16:08 +02:00
Eelco Dolstra
415407bd93
openssl: Update to 1.0.1n
...
CVE-2015-4000, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1792, CVE-2015-1791, CVE-2014-8176
2015-06-11 18:32:13 +02:00
Eelco Dolstra
3aee39bb83
openssl: Fix removal of the ssl/misc scripts
...
This drops the dependency of $out on Perl.
(cherry picked from commit a5fb18473e
)
Signed-off-by: Domen Kožar <domen@dev.si>
Conflicts:
pkgs/development/libraries/openssl/default.nix
2015-06-01 11:01:57 +02:00
William A. Kennington III
afa5859716
openssl: Cleanup some old, untested patches
2015-05-29 16:08:27 -07:00
Marko Durkovic
3f6949c3ef
cygwin: openssl for x86_64
2015-05-28 10:53:35 +02:00
Eelco Dolstra
2fe351c7e3
openssl: Update to 1.0.1m
...
Fixes various "Moderate" / "Low" CVEs:
http://openssl.org/news/secadv_20150319.txt
2015-03-19 15:57:17 +01:00
Domen Kožar
1fb78f8994
openssl: 1.0.1k -> 1.0.1l
2015-02-27 12:59:59 +01:00
Domen Kožar
dbbd849ce8
openssl: 1.0.1j -> 1.0.1k
...
(cherry picked from commit 70a7d4bd16
)
Signed-off-by: Domen Kožar <domen@dev.si>
2015-01-09 20:22:02 +01:00
Eelco Dolstra
09dc132e04
Merge remote-tracking branch 'origin/master' into staging
...
Conflicts:
pkgs/development/libraries/poppler/default.nix
2014-10-16 15:16:50 +02:00
Domen Kožar
c758ec756b
openssl: 1.0.1i -> 1.0.1j (CVE-2014-3513, CVE-2014-3567, CVE-2014-3568)
2014-10-15 16:12:23 +02:00
Alexander Kjeldaas
e431a3e0b5
openssl: make it deterministic
2014-09-13 15:05:27 +02:00
Vladimír Čunát
d1ed0f44cd
Merge #2823 : better cygwin support, also add x86_64
...
Conflicts (easy):
pkgs/development/interpreters/perl/5.16/default.nix
2014-08-14 20:38:09 +02:00
Peter Simons
5c276c4f68
openssl: update to version 1.0.1i
...
See https://www.openssl.org/news/secadv_20140806.txt for a long list of CVE numbers.
Fixes <https://github.com/NixOS/nixpkgs/issues/3485 >.
2014-08-08 09:46:57 +02:00
Domen Kožar
15f092d7a7
openssl: 1.0.1g -> 1.0.1h
...
CVE-2014-0224
CVE-2014-0221
CVE-2014-0195
CVE-2014-0198
CVE-2010-5298
CVE-2014-3470
2014-06-05 14:32:11 +02:00
Sander van der Burg
9ec52d6323
Fixes to make basic builds on Cygwin work again + additions to support x86_64-cygwin
2014-05-29 14:47:07 +02:00
aszlig
625d7b9043
Merge pull request #1928 from 'cross-win-osx'.
...
This includes a lot of fixes for cross-building to Windows and Mac OS X
and could possibly fix things even for non-cross-builds, like for
example OpenSSL on Windows.
The main reason for merging this in 14.04 already is that we already
have runInWindowsVM in master and it doesn't work until we actually
cross-build Cygwin's setup binary as the upstream version is a fast
moving target which gets _overwritten_ on every new release.
Conflicts:
pkgs/top-level/all-packages.nix
2014-04-21 10:00:35 +02:00
Domen Kožar
1140f06e0f
openssl: 1.0.1f -> 1.0.1g
...
CVE-2014-0160, CVE-2014-0076
2014-04-07 20:33:38 +02:00
aszlig
5e95800f26
openssl: Use Darwin patch for cross-builds too.
...
Might be better to have something like stdenv.isDarwinTarget, which can
be used to test for native Darwin _and_ cross-built Darwin as a target.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-03-12 10:00:47 +01:00
aszlig
30962765e0
openssl/cross: Fix build for Darwin.
...
This is just a minor fix, because when using "darwin64-x86_64-cc" for
config.openssl.system, the OpenSSL build scripts try to compile with
$prefix-cc, which is not available with the gcc-cross-wrapper.
Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-03-12 10:00:47 +01:00
Eelco Dolstra
340b6ab649
openssl: Update to 1.0.1f
...
CVE-2013-6449, CVE-2013-6450, CVE-2013-4353.
2014-01-07 09:40:35 +01:00
Danny Wilson
cf42601f92
Coreutils update and Illumos compatibility fixes.
...
- GNU Coreutils 8.21
- Add is64Bit checks to stdenv for Solaris.
- Fix OpenSSL Illumos build.
2013-02-28 20:04:01 +01:00
Peter Simons
e259e52a7d
openssl: update to version 1.0.1e
2013-02-18 11:53:57 +01:00
Eelco Dolstra
ab3eeabfed
Rename buildNativeInputs -> nativeBuildInputs
...
Likewise for propagatedBuildNativeInputs, etc. "buildNativeInputs"
sounds like an imperative rather than a noun phrase.
2012-12-28 19:20:09 +01:00
Eelco Dolstra
88f7000aa4
openssl: Fix building on Darwin
...
http://hydra.nixos.org/build/3491716
2012-12-18 18:03:26 +01:00
Eelco Dolstra
e5497ca043
openssl: Install config files in $out/etc/ssl in $out/ssl
2012-11-23 17:29:06 +01:00
Peter Simons
f67d5a9a39
Merge branch 'master' into stdenv-updates.
...
Conflicts have been resolved in:
pkgs/tools/misc/file/default.nix
pkgs/top-level/all-packages.nix
pkgs/top-level/python-packages.nix
2012-11-21 16:20:36 +01:00
Peter Simons
02cd9a906e
openssl: strip trailing whitespace
2012-10-23 18:36:02 +02:00
Peter Simons
8d469a5bbc
openssl: update to version 1.0.1c
2012-10-23 18:35:51 +02:00
Lluís Batlle i Rossell
57b578189b
Adding cryptodev-linux, and made openssl use it optionally.
...
I'm trying to get the CESA of the sheevaplug available to openssl.
2012-09-23 20:51:15 +02:00
Peter Simons
d5677fe6c7
stdenv-updates: merge updates from 'master' branch
2012-09-11 16:48:41 +02:00
Ludovic Courtès
04661ec850
openssl: fix GNU/kFreeBSD builds
2012-08-13 14:12:54 +02:00
Eelco Dolstra
ad943dbbe3
* OpenSSL 1.0.0j (CVE-2012-2333).
...
svn path=/nixpkgs/branches/stdenv-updates/; revision=34205
2012-05-21 23:31:28 +00:00
Eelco Dolstra
6c36eece34
* Remove the FreeBSD patch. It no longer applies and no longer seems needed.
...
svn path=/nixpkgs/branches/stdenv-updates/; revision=34006
2012-05-07 19:56:14 +00:00
Eelco Dolstra
d0a1fe6b90
* Revert to the OpenSSL 1.0.0 series (though a newer version) because
...
1.0.1 doesn't build on FreeBSD and Darwin (due to our patches).
svn path=/nixpkgs/branches/stdenv-updates/; revision=34001
2012-05-07 01:08:33 +00:00
Eelco Dolstra
0ae007e26f
* OpenSSL 1.0.1b (includes security fixes).
...
svn path=/nixpkgs/branches/stdenv-updates/; revision=33989
2012-05-05 15:00:10 +00:00
Florian Friesdorf
be815e7639
add an openssl mirror url as primary is currently down
...
svn path=/nixpkgs/branches/stdenv-updates/; revision=32578
2012-02-26 17:22:50 +00:00