3
0
Fork 0
forked from mirrors/nixpkgs
Commit graph

122 commits

Author SHA1 Message Date
Eelco Dolstra e0d17fdf10 openssl: Use 1.0.2 by default
Provided that not too much breaks, we should probably cherry-pick this
to 16.03, since the end of the 1.0.1 support window is a bit too close
to the expected lifetime of 16.0.3. @domenkozar
2016-03-01 15:25:53 +01:00
Eelco Dolstra cdbd14a1a8 openssl: 1.0.1r -> 1.0.1s, 1.0.2f -> 1.0.2g
CVE-2016-0800
2016-03-01 15:18:57 +01:00
Eelco Dolstra ef86e9506d Untested fix for #13401 2016-02-24 14:01:20 +01:00
Eelco Dolstra 917ca8920d Move setting $SSL_CERT_FILE to stdenv
Doing it in an openssl setup hook only works if packages have openssl
as a build input - it doesn't work if they're using a program linked
against openssl.
2016-02-03 13:59:10 +01:00
Eelco Dolstra cc2cec6300 openssl: Unify 1.0.1 and 1.0.2 expressions 2016-02-03 13:54:22 +01:00
Eelco Dolstra 788da6894f openssl: Compile in /etc/ssl/certs/ca-certificates.crt 2016-02-03 13:45:05 +01:00
Guillaume Maudoux 9f358f809d Configure a default trust store for openssl 2016-02-03 12:42:01 +01:00
Eelco Dolstra 2ecb6b4574 openssl: 1.0.1q -> 1.0.1r
CVE-2015-3197 (low severity)
2016-01-28 18:57:23 +01:00
codsl fb3b9f5f8b openssl: security update 1.0.1p -> 1.0.1q
Fixes CVE-2015-3194 and CVE-2015-3195.
Taken from #11469.
2015-12-05 11:25:27 +01:00
Matthias C. M. Troffaes 1c0b060295 openssl: use prefixed windres and ranlib for cross build 2015-11-04 08:48:38 +00:00
Eelco Dolstra e1f78bf677 More docs/manpages in separate outputs 2015-07-27 00:27:54 +02:00
Eelco Dolstra 9539db1ec3 openssl: Update to 1.0.1p 2015-07-09 15:15:52 +02:00
William A. Kennington III 507bb016cc openssl: Clean up the cross compile arguments
Also add a check to make sure we don't depend on perl in the output
2015-06-20 14:30:18 -07:00
Peter Simons b333a2cb19 openssl: remove some cruft 2015-06-16 14:19:25 +02:00
Eelco Dolstra a4178b1b8a openssl: Update to 1.0.1o
From https://www.openssl.org/news/openssl-1.0.1-notes.html:

"Fix HMAC ABI incompatibility"
2015-06-16 14:16:08 +02:00
Eelco Dolstra 415407bd93 openssl: Update to 1.0.1n
CVE-2015-4000, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1792, CVE-2015-1791, CVE-2014-8176
2015-06-11 18:32:13 +02:00
Eelco Dolstra 3aee39bb83 openssl: Fix removal of the ssl/misc scripts
This drops the dependency of $out on Perl.

(cherry picked from commit a5fb18473e)
Signed-off-by: Domen Kožar <domen@dev.si>

Conflicts:
	pkgs/development/libraries/openssl/default.nix
2015-06-01 11:01:57 +02:00
William A. Kennington III afa5859716 openssl: Cleanup some old, untested patches 2015-05-29 16:08:27 -07:00
Marko Durkovic 3f6949c3ef cygwin: openssl for x86_64 2015-05-28 10:53:35 +02:00
Eelco Dolstra 2fe351c7e3 openssl: Update to 1.0.1m
Fixes various "Moderate" / "Low" CVEs:
http://openssl.org/news/secadv_20150319.txt
2015-03-19 15:57:17 +01:00
Domen Kožar 1fb78f8994 openssl: 1.0.1k -> 1.0.1l 2015-02-27 12:59:59 +01:00
Domen Kožar dbbd849ce8 openssl: 1.0.1j -> 1.0.1k
(cherry picked from commit 70a7d4bd16)
Signed-off-by: Domen Kožar <domen@dev.si>
2015-01-09 20:22:02 +01:00
Eelco Dolstra 09dc132e04 Merge remote-tracking branch 'origin/master' into staging
Conflicts:
	pkgs/development/libraries/poppler/default.nix
2014-10-16 15:16:50 +02:00
Domen Kožar c758ec756b openssl: 1.0.1i -> 1.0.1j (CVE-2014-3513, CVE-2014-3567, CVE-2014-3568) 2014-10-15 16:12:23 +02:00
Alexander Kjeldaas e431a3e0b5 openssl: make it deterministic 2014-09-13 15:05:27 +02:00
Vladimír Čunát d1ed0f44cd Merge #2823: better cygwin support, also add x86_64
Conflicts (easy):
	pkgs/development/interpreters/perl/5.16/default.nix
2014-08-14 20:38:09 +02:00
Peter Simons 5c276c4f68 openssl: update to version 1.0.1i
See https://www.openssl.org/news/secadv_20140806.txt for a long list of CVE numbers.
Fixes <https://github.com/NixOS/nixpkgs/issues/3485>.
2014-08-08 09:46:57 +02:00
Domen Kožar 15f092d7a7 openssl: 1.0.1g -> 1.0.1h
CVE-2014-0224
CVE-2014-0221
CVE-2014-0195
CVE-2014-0198
CVE-2010-5298
CVE-2014-3470
2014-06-05 14:32:11 +02:00
Sander van der Burg 9ec52d6323 Fixes to make basic builds on Cygwin work again + additions to support x86_64-cygwin 2014-05-29 14:47:07 +02:00
aszlig 625d7b9043
Merge pull request #1928 from 'cross-win-osx'.
This includes a lot of fixes for cross-building to Windows and Mac OS X
and could possibly fix things even for non-cross-builds, like for
example OpenSSL on Windows.

The main reason for merging this in 14.04 already is that we already
have runInWindowsVM in master and it doesn't work until we actually
cross-build Cygwin's setup binary as the upstream version is a fast
moving target which gets _overwritten_ on every new release.

Conflicts:
	pkgs/top-level/all-packages.nix
2014-04-21 10:00:35 +02:00
Domen Kožar 1140f06e0f openssl: 1.0.1f -> 1.0.1g
CVE-2014-0160, CVE-2014-0076
2014-04-07 20:33:38 +02:00
aszlig 5e95800f26
openssl: Use Darwin patch for cross-builds too.
Might be better to have something like stdenv.isDarwinTarget, which can
be used to test for native Darwin _and_ cross-built Darwin as a target.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-03-12 10:00:47 +01:00
aszlig 30962765e0
openssl/cross: Fix build for Darwin.
This is just a minor fix, because when using "darwin64-x86_64-cc" for
config.openssl.system, the OpenSSL build scripts try to compile with
$prefix-cc, which is not available with the gcc-cross-wrapper.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-03-12 10:00:47 +01:00
Eelco Dolstra 340b6ab649 openssl: Update to 1.0.1f
CVE-2013-6449, CVE-2013-6450, CVE-2013-4353.
2014-01-07 09:40:35 +01:00
Danny Wilson cf42601f92 Coreutils update and Illumos compatibility fixes.
- GNU Coreutils 8.21
- Add is64Bit checks to stdenv for Solaris.
- Fix OpenSSL Illumos build.
2013-02-28 20:04:01 +01:00
Peter Simons e259e52a7d openssl: update to version 1.0.1e 2013-02-18 11:53:57 +01:00
Eelco Dolstra ab3eeabfed Rename buildNativeInputs -> nativeBuildInputs
Likewise for propagatedBuildNativeInputs, etc.  "buildNativeInputs"
sounds like an imperative rather than a noun phrase.
2012-12-28 19:20:09 +01:00
Eelco Dolstra 88f7000aa4 openssl: Fix building on Darwin
http://hydra.nixos.org/build/3491716
2012-12-18 18:03:26 +01:00
Eelco Dolstra e5497ca043 openssl: Install config files in $out/etc/ssl in $out/ssl 2012-11-23 17:29:06 +01:00
Peter Simons f67d5a9a39 Merge branch 'master' into stdenv-updates.
Conflicts have been resolved in:

        pkgs/tools/misc/file/default.nix
        pkgs/top-level/all-packages.nix
        pkgs/top-level/python-packages.nix
2012-11-21 16:20:36 +01:00
Peter Simons 02cd9a906e openssl: strip trailing whitespace 2012-10-23 18:36:02 +02:00
Peter Simons 8d469a5bbc openssl: update to version 1.0.1c 2012-10-23 18:35:51 +02:00
Lluís Batlle i Rossell 57b578189b Adding cryptodev-linux, and made openssl use it optionally.
I'm trying to get the CESA of the sheevaplug available to openssl.
2012-09-23 20:51:15 +02:00
Peter Simons d5677fe6c7 stdenv-updates: merge updates from 'master' branch 2012-09-11 16:48:41 +02:00
Ludovic Courtès 04661ec850 openssl: fix GNU/kFreeBSD builds 2012-08-13 14:12:54 +02:00
Eelco Dolstra ad943dbbe3 * OpenSSL 1.0.0j (CVE-2012-2333).
svn path=/nixpkgs/branches/stdenv-updates/; revision=34205
2012-05-21 23:31:28 +00:00
Eelco Dolstra 6c36eece34 * Remove the FreeBSD patch. It no longer applies and no longer seems needed.
svn path=/nixpkgs/branches/stdenv-updates/; revision=34006
2012-05-07 19:56:14 +00:00
Eelco Dolstra d0a1fe6b90 * Revert to the OpenSSL 1.0.0 series (though a newer version) because
1.0.1 doesn't build on FreeBSD and Darwin (due to our patches).

svn path=/nixpkgs/branches/stdenv-updates/; revision=34001
2012-05-07 01:08:33 +00:00
Eelco Dolstra 0ae007e26f * OpenSSL 1.0.1b (includes security fixes).
svn path=/nixpkgs/branches/stdenv-updates/; revision=33989
2012-05-05 15:00:10 +00:00
Florian Friesdorf be815e7639 add an openssl mirror url as primary is currently down
svn path=/nixpkgs/branches/stdenv-updates/; revision=32578
2012-02-26 17:22:50 +00:00