3
0
Fork 0
forked from mirrors/nixpkgs
Commit graph

217 commits

Author SHA1 Message Date
Vladimír Čunát a92c2cb994 openssl_1_0_2: high-severity security update e -> f
Fixes CVE-2016-0701 and CVE-2015-3197.
2016-01-28 20:35:00 +01:00
Eelco Dolstra 2ecb6b4574 openssl: 1.0.1q -> 1.0.1r
CVE-2015-3197 (low severity)
2016-01-28 18:57:23 +01:00
Luca Bruno 5b0352a6a4 Merge branch 'master' into closure-size 2015-12-11 18:31:00 +01:00
codsl 51a5f49d70 openssl: security update 1.0.2d -> 1.0.2e
Fixes CVE-2015-3193, CVE-2015-3194, CVE-2015-3195 and CVE-2015-3196.
Close #11469.
2015-12-05 11:32:49 +01:00
codsl fb3b9f5f8b openssl: security update 1.0.1p -> 1.0.1q
Fixes CVE-2015-3194 and CVE-2015-3195.
Taken from #11469.
2015-12-05 11:25:27 +01:00
Vladimír Čunát 333d69a5f0 Merge staging into closure-size
The most complex problems were from dealing with switches reverted in
the meantime (gcc5, gmp6, ncurses6).
It's likely that darwin is (still) broken nontrivially.
2015-11-20 14:32:58 +01:00
Matthias C. M. Troffaes 1c0b060295 openssl: use prefixed windres and ranlib for cross build 2015-11-04 08:48:38 +00:00
Vladimír Čunát 9fbb83b467 openssl: fixup after merge 2015-10-03 16:28:39 +02:00
Vladimír Čunát f361938b21 Merge staging into closure-size
This makes gcc5 the default builder, etc.
2015-10-03 15:23:13 +02:00
Vladimír Čunát 5227fb1dd5 Merge commit staging+systemd into closure-size
Many non-conflict problems weren't (fully) resolved in this commit yet.
2015-10-03 13:33:37 +02:00
William A. Kennington III eae9889b82 openssl: Major bump 1.0.1 -> 1.0.2 2015-09-15 12:14:12 -07:00
Eelco Dolstra e1f78bf677 More docs/manpages in separate outputs 2015-07-27 00:27:54 +02:00
Eelco Dolstra 5e156b9db7 openssl: Update to 1.0.2d 2015-07-09 15:17:14 +02:00
Eelco Dolstra 9539db1ec3 openssl: Update to 1.0.1p 2015-07-09 15:15:52 +02:00
William A. Kennington III 7f9a4957ee openssl: Make 1.0.2 conform to the 1.0.1 derivation 2015-06-22 20:00:44 -07:00
William A. Kennington III c6e512b80c Merge branch 'master.upstream' into staging.upstream 2015-06-22 12:43:12 -07:00
Mike Sperber bd003198b3 openssl: patch not needed anymore for darwin platform, closes #8456
The darwin-arch.patch that was needed for previous releases doesn't
apply, and also doesn't work anymore. It builds fine without.
2015-06-22 19:59:28 +02:00
William A. Kennington III 282d03befa Merge branch 'master.upstream' into staging.upstream 2015-06-22 10:57:36 -07:00
William A. Kennington III 507bb016cc openssl: Clean up the cross compile arguments
Also add a check to make sure we don't depend on perl in the output
2015-06-20 14:30:18 -07:00
Vladimír Čunát f5cae29005 openssl-1.0.2: bug+security upate (Fixes #8415) 2015-06-20 09:10:54 +02:00
Peter Simons b333a2cb19 openssl: remove some cruft 2015-06-16 14:19:25 +02:00
Eelco Dolstra a4178b1b8a openssl: Update to 1.0.1o
From https://www.openssl.org/news/openssl-1.0.1-notes.html:

"Fix HMAC ABI incompatibility"
2015-06-16 14:16:08 +02:00
Eelco Dolstra 415407bd93 openssl: Update to 1.0.1n
CVE-2015-4000, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1792, CVE-2015-1791, CVE-2014-8176
2015-06-11 18:32:13 +02:00
Eelco Dolstra 3aee39bb83 openssl: Fix removal of the ssl/misc scripts
This drops the dependency of $out on Perl.

(cherry picked from commit a5fb18473e)
Signed-off-by: Domen Kožar <domen@dev.si>

Conflicts:
	pkgs/development/libraries/openssl/default.nix
2015-06-01 11:01:57 +02:00
William A. Kennington III 867d2c5c46 openssl: Remove References to OPENSSL_X509_CERT_FILE 2015-05-31 15:50:51 -07:00
William A. Kennington III afa5859716 openssl: Cleanup some old, untested patches 2015-05-29 16:08:27 -07:00
Peter Simons d9cc38757a openssl: add version 1.0.2a as attribute 'openssl_1_0_2'
We'll try switching our default version after the 15.06 release has been
branched off. Resolves https://github.com/NixOS/nixpkgs/issues/7970.
2015-05-29 09:52:29 +02:00
Marko Durkovic 3f6949c3ef cygwin: openssl for x86_64 2015-05-28 10:53:35 +02:00
Vladimír Čunát bf414c9d4f Merge 'staging' into closure-size
- there were many easy merge conflicts
- cc-wrapper needed nontrivial changes

Many other problems might've been created by interaction of the branches,
but stdenv and a few other packages build fine now.
2015-04-18 11:22:20 +02:00
Russell O'Connor e2e4c1182e Update OpenSSL dependency of bitcoin to be the latest OpenSSL.
Purge OpenSSL version 1.0.1j.
2015-03-21 17:49:42 -04:00
Vladimír Čunát cd97c58110 openssl_1_0_1j: fix after updating the main version 2015-03-19 20:28:35 +01:00
Eelco Dolstra 2fe351c7e3 openssl: Update to 1.0.1m
Fixes various "Moderate" / "Low" CVEs:
http://openssl.org/news/secadv_20150319.txt
2015-03-19 15:57:17 +01:00
Domen Kožar 1fb78f8994 openssl: 1.0.1k -> 1.0.1l 2015-02-27 12:59:59 +01:00
Russell O'Connor af3c4a2744 Bitcoin 0.9.3 won't work with OpenSSL 1.0.1k.
This patch restores OpenSSL 1.0.1j and builds Bitcoin against it.
2015-02-05 11:40:57 -05:00
Domen Kožar dbbd849ce8 openssl: 1.0.1j -> 1.0.1k
(cherry picked from commit 70a7d4bd16)
Signed-off-by: Domen Kožar <domen@dev.si>
2015-01-09 20:22:02 +01:00
Eelco Dolstra 09dc132e04 Merge remote-tracking branch 'origin/master' into staging
Conflicts:
	pkgs/development/libraries/poppler/default.nix
2014-10-16 15:16:50 +02:00
Domen Kožar c758ec756b openssl: 1.0.1i -> 1.0.1j (CVE-2014-3513, CVE-2014-3567, CVE-2014-3568) 2014-10-15 16:12:23 +02:00
Alexander Kjeldaas e431a3e0b5 openssl: make it deterministic 2014-09-13 15:05:27 +02:00
Vladimír Čunát a70180ba73 mutiout: make it builtin 2014-08-30 08:27:43 +02:00
Vladimír Čunát fb59f27a43 WIP: getting good 2014-08-27 01:14:09 +02:00
Vladimír Čunát 4dccb224c5 WIP2 2014-08-26 01:10:56 +02:00
Vladimír Čunát 96cec2a7bd Merge 'staging' into multiple-outputs
Conflicts:
	pkgs/applications/audio/flac/default.nix
	pkgs/build-support/gcc-wrapper/builder.sh
	pkgs/development/libraries/apr-util/default.nix
	pkgs/development/libraries/apr/default.nix
	pkgs/development/libraries/atk/default.nix
	pkgs/development/libraries/freetype/default.nix
	pkgs/development/libraries/gdk-pixbuf/default.nix
	pkgs/development/libraries/glib/default.nix
	pkgs/development/libraries/glibc/2.17/builder.sh
	pkgs/development/libraries/glibc/2.17/locales.nix
	pkgs/development/libraries/libjpeg/default.nix
	pkgs/development/libraries/libogg/default.nix
	pkgs/development/libraries/libsamplerate/default.nix
	pkgs/development/libraries/libtiff/default.nix
	pkgs/development/libraries/libvorbis/default.nix
	pkgs/development/libraries/mesa/default.nix
	pkgs/development/libraries/pango/default.nix
	pkgs/development/web/nodejs/default.nix
	pkgs/os-specific/linux/pam/default.nix
	pkgs/os-specific/linux/systemd/default.nix
	pkgs/stdenv/generic/setup.sh
	pkgs/stdenv/linux/default.nix
	pkgs/top-level/all-packages.nix
	pkgs/top-level/release-small.nix
2014-08-23 16:04:53 +02:00
Vladimír Čunát d1ed0f44cd Merge #2823: better cygwin support, also add x86_64
Conflicts (easy):
	pkgs/development/interpreters/perl/5.16/default.nix
2014-08-14 20:38:09 +02:00
Peter Simons 5c276c4f68 openssl: update to version 1.0.1i
See https://www.openssl.org/news/secadv_20140806.txt for a long list of CVE numbers.
Fixes <https://github.com/NixOS/nixpkgs/issues/3485>.
2014-08-08 09:46:57 +02:00
Domen Kožar 15f092d7a7 openssl: 1.0.1g -> 1.0.1h
CVE-2014-0224
CVE-2014-0221
CVE-2014-0195
CVE-2014-0198
CVE-2010-5298
CVE-2014-3470
2014-06-05 14:32:11 +02:00
Sander van der Burg 9ec52d6323 Fixes to make basic builds on Cygwin work again + additions to support x86_64-cygwin 2014-05-29 14:47:07 +02:00
aszlig 625d7b9043
Merge pull request #1928 from 'cross-win-osx'.
This includes a lot of fixes for cross-building to Windows and Mac OS X
and could possibly fix things even for non-cross-builds, like for
example OpenSSL on Windows.

The main reason for merging this in 14.04 already is that we already
have runInWindowsVM in master and it doesn't work until we actually
cross-build Cygwin's setup binary as the upstream version is a fast
moving target which gets _overwritten_ on every new release.

Conflicts:
	pkgs/top-level/all-packages.nix
2014-04-21 10:00:35 +02:00
Domen Kožar 1140f06e0f openssl: 1.0.1f -> 1.0.1g
CVE-2014-0160, CVE-2014-0076
2014-04-07 20:33:38 +02:00
aszlig c7bac81c66
Merge 'mingw-w64' and 'darwin' into cross-win-osx.
Both branches have quite a lot in common, so it's time for a merge and
do the cleanups with respect to both implementations and also generalize
both implementations as much as possible.

This also closes #1876.

Conflicts:
	pkgs/development/interpreters/lua-5/5.2.nix
	pkgs/development/libraries/SDL/default.nix
	pkgs/development/libraries/glew/default.nix
	pkgs/top-level/all-packages.nix
2014-03-12 10:16:51 +01:00
aszlig 5e95800f26
openssl: Use Darwin patch for cross-builds too.
Might be better to have something like stdenv.isDarwinTarget, which can
be used to test for native Darwin _and_ cross-built Darwin as a target.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-03-12 10:00:47 +01:00
aszlig 30962765e0
openssl/cross: Fix build for Darwin.
This is just a minor fix, because when using "darwin64-x86_64-cc" for
config.openssl.system, the OpenSSL build scripts try to compile with
$prefix-cc, which is not available with the gcc-cross-wrapper.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-03-12 10:00:47 +01:00
aszlig 60a2fc1fec
openssl: Fix Windows compat in cert-file.patch.
In Windows there is no get(e)uid() call available, so the build fails.

The patch now checks whether OPENSSL_SYS_WINDOWS is defined and only
uses those calls if _not_ on Windows.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
2014-02-24 07:26:22 +01:00
Eelco Dolstra 340b6ab649 openssl: Update to 1.0.1f
CVE-2013-6449, CVE-2013-6450, CVE-2013-4353.
2014-01-07 09:40:35 +01:00
Eelco Dolstra 2cfeca153c openssl, cups: Fix stripping libraries 2013-06-12 16:10:54 +02:00
Eelco Dolstra 2c9fa33521 openssl: Split header files from the libraries 2013-06-11 14:28:49 +02:00
Eelco Dolstra a5fb18473e openssl: Fix removal of the ssl/misc scripts
This drops the dependency of $out on Perl.
2013-06-11 12:39:32 +02:00
Eelco Dolstra 99b88cfb53 Merge remote-tracking branch 'origin/master' into multiple-outputs
Conflicts:
	pkgs/development/libraries/acl/default.nix
	pkgs/development/libraries/atk/2.6.x.nix
	pkgs/development/libraries/attr/default.nix
	pkgs/development/libraries/cairo/default.nix
	pkgs/development/libraries/freetype/default.nix
	pkgs/development/libraries/glib/2.34.x.nix
	pkgs/development/libraries/gtk+/2.24.x.nix
	pkgs/development/libraries/libtiff/default.nix
	pkgs/development/libraries/openssl/default.nix
	pkgs/development/libraries/pango/1.30.x.nix
	pkgs/misc/cups/default.nix
	pkgs/os-specific/linux/util-linux/default.nix
	pkgs/servers/x11/xorg/builder.sh
	pkgs/servers/x11/xorg/default.nix
	pkgs/top-level/all-packages.nix
2013-06-09 00:41:27 +02:00
Danny Wilson cf42601f92 Coreutils update and Illumos compatibility fixes.
- GNU Coreutils 8.21
- Add is64Bit checks to stdenv for Solaris.
- Fix OpenSSL Illumos build.
2013-02-28 20:04:01 +01:00
Peter Simons e259e52a7d openssl: update to version 1.0.1e 2013-02-18 11:53:57 +01:00
Eelco Dolstra ab3eeabfed Rename buildNativeInputs -> nativeBuildInputs
Likewise for propagatedBuildNativeInputs, etc.  "buildNativeInputs"
sounds like an imperative rather than a noun phrase.
2012-12-28 19:20:09 +01:00
Eelco Dolstra 88f7000aa4 openssl: Fix building on Darwin
http://hydra.nixos.org/build/3491716
2012-12-18 18:03:26 +01:00
Eelco Dolstra e5497ca043 openssl: Install config files in $out/etc/ssl in $out/ssl 2012-11-23 17:29:06 +01:00
Peter Simons f67d5a9a39 Merge branch 'master' into stdenv-updates.
Conflicts have been resolved in:

        pkgs/tools/misc/file/default.nix
        pkgs/top-level/all-packages.nix
        pkgs/top-level/python-packages.nix
2012-11-21 16:20:36 +01:00
Peter Simons 02cd9a906e openssl: strip trailing whitespace 2012-10-23 18:36:02 +02:00
Peter Simons 8d469a5bbc openssl: update to version 1.0.1c 2012-10-23 18:35:51 +02:00
Lluís Batlle i Rossell 57b578189b Adding cryptodev-linux, and made openssl use it optionally.
I'm trying to get the CESA of the sheevaplug available to openssl.
2012-09-23 20:51:15 +02:00
Peter Simons d5677fe6c7 stdenv-updates: merge updates from 'master' branch 2012-09-11 16:48:41 +02:00
Eelco Dolstra 283164779b openssl: Separate programs 2012-08-24 23:42:33 -04:00
Eelco Dolstra 7369c443a8 openssl: Separate manpages 2012-08-24 22:24:49 -04:00
Ludovic Courtès 04661ec850 openssl: fix GNU/kFreeBSD builds 2012-08-13 14:12:54 +02:00
Eelco Dolstra ad943dbbe3 * OpenSSL 1.0.0j (CVE-2012-2333).
svn path=/nixpkgs/branches/stdenv-updates/; revision=34205
2012-05-21 23:31:28 +00:00
Eelco Dolstra 6c36eece34 * Remove the FreeBSD patch. It no longer applies and no longer seems needed.
svn path=/nixpkgs/branches/stdenv-updates/; revision=34006
2012-05-07 19:56:14 +00:00
Eelco Dolstra d0a1fe6b90 * Revert to the OpenSSL 1.0.0 series (though a newer version) because
1.0.1 doesn't build on FreeBSD and Darwin (due to our patches).

svn path=/nixpkgs/branches/stdenv-updates/; revision=34001
2012-05-07 01:08:33 +00:00
Eelco Dolstra 0ae007e26f * OpenSSL 1.0.1b (includes security fixes).
svn path=/nixpkgs/branches/stdenv-updates/; revision=33989
2012-05-05 15:00:10 +00:00
Florian Friesdorf be815e7639 add an openssl mirror url as primary is currently down
svn path=/nixpkgs/branches/stdenv-updates/; revision=32578
2012-02-26 17:22:50 +00:00
Eelco Dolstra 91b19832c9 * Fix the Darwin patch for OpenSSL.
svn path=/nixpkgs/branches/stdenv-updates/; revision=31791
2012-01-23 12:59:18 +00:00
Eelco Dolstra 22f3ff8f0d * OpenSSL updated to 1.0.0g.
svn path=/nixpkgs/branches/stdenv-updates/; revision=31740
2012-01-20 16:41:11 +00:00
Yury G. Kudryashov 9ee0a9df9b svn merge ^/nixpkgs/trunk
A few trivial conflicts

svn path=/nixpkgs/branches/stdenv-updates/; revision=31434
2012-01-08 16:01:12 +00:00
Lluís Batlle i Rossell 11f55d273b I found that instantiating xbursttools brought to the openssl evaluation
throwing an exception about an undefined platform.openssl.system.

That was introduced by r31330, which made openssl for the build system to
evaluate the platform.openssl.system, that should only be needed for the host
system.

I also revert supplying openssl.system for xbursttools.


svn path=/nixpkgs/trunk/; revision=31379
2012-01-06 21:31:29 +00:00
Ludovic Courtès 7232a1e33a OpenSSL: Further fix `Configure' for GNU builds.
svn path=/nixpkgs/trunk/; revision=31348
2012-01-06 14:07:02 +00:00
Yury G. Kudryashov 10fd822319 Fix typo
Introduced while merging trunk

svn path=/nixpkgs/branches/stdenv-updates/; revision=31339
2012-01-06 09:41:22 +00:00
Yury G. Kudryashov 900c6e18cd svn merge ^/nixpkgs/trunk
Conflicts: openssl, libplist

svn path=/nixpkgs/branches/stdenv-updates/; revision=31337
2012-01-06 01:07:45 +00:00
Ludovic Courtès 3d0f767b91 OpenSSL: Fix compilation on GNU/Hurd.
svn path=/nixpkgs/trunk/; revision=31330
2012-01-05 23:46:17 +00:00
Eelco Dolstra ca73b1fb33 * Resolve a collision between OpenSSL and man-pages
(in ‘share/man/man3/err.3’).

svn path=/nixpkgs/trunk/; revision=31296
2012-01-04 19:48:08 +00:00
Yury G. Kudryashov 2bca92e32d Merge trunk
Conflicts:
1. cmake upgrade: use 2.8.7
2. openssl: left FreeBSD-asm patch.

svn path=/nixpkgs/branches/stdenv-updates/; revision=31245
2012-01-03 17:25:24 +00:00
Lluís Batlle i Rossell 2833652d5a Moving openssl 1.0.0e.nix to default.nix, as Eelco suggests. The 1.0.0e expression was moremaintained.
When I updated openssl, I didn't know there was such a file.


svn path=/nixpkgs/trunk/; revision=31233
2012-01-03 14:31:11 +00:00
Lluís Batlle i Rossell 709ae01f34 Updating openssl.
svn path=/nixpkgs/trunk/; revision=31215
2012-01-02 18:18:04 +00:00
Eelco Dolstra eda3fd1730 * Sync with the trunk.
svn path=/nixpkgs/branches/stdenv-updates/; revision=30852
2011-12-12 16:54:35 +00:00
Ludovic Courtès dd4841e833 OpenSSL: Fix compilation on x86_64-freebsd.
svn path=/nixpkgs/trunk/; revision=30642
2011-12-01 10:59:26 +00:00
Shea Levy b597d8bfb6 openssl: Fix target settings when building for GNU/hurd
GNU/hurd cross-build succeeds now!

svn path=/nixpkgs/trunk/; revision=30452
2011-11-16 19:03:52 +00:00
Shea Levy 4231e7ba5e openssl: Fix hurd-x86 cross-build
Now the install phase fails.

svn path=/nixpkgs/trunk/; revision=30451
2011-11-16 18:33:12 +00:00
Eelco Dolstra a839947b85 * Make OpenSSL 1.0.0e the default.
svn path=/nixpkgs/branches/stdenv-updates/; revision=30233
2011-11-04 18:48:25 +00:00
Eelco Dolstra a35804be30 * Another unused file.
svn path=/nixpkgs/branches/stdenv-updates/; revision=30232
2011-11-04 18:48:00 +00:00
Eelco Dolstra 03e3e290bc * Remove unused file.
svn path=/nixpkgs/branches/stdenv-updates/; revision=30231
2011-11-04 18:46:20 +00:00
Shea Levy 01df54f5cc Merge from trunk
svn path=/nixpkgs/branches/stdenv-updates/; revision=29461
2011-09-23 16:58:45 +00:00
Peter Simons d709ef5d30 openssl: avoid the need for a recursive expression
svn path=/nixpkgs/trunk/; revision=29426
2011-09-21 18:48:04 +00:00
Peter Simons 6fcd493d5f openssl: added myself as a maintainer
svn path=/nixpkgs/trunk/; revision=29425
2011-09-21 18:45:52 +00:00
Eelco Dolstra 17925a9d3c * OpenSSL: Allow the location of the X509 certificate file (the CA
bundle) to be set through the environment variable
  ‘OPENSSL_X509_CERT_FILE’.  This is necessary because the default
  location ($out/ssl/cert.pem) doesn't exist, and hardcoding something
  like /etc/ssl/cert.pem is impure and cannot be overriden
  per-process.  For security, the environment variable is ignored for
  setuid binaries.

svn path=/nixpkgs/trunk/; revision=29224
2011-09-12 16:57:34 +00:00
Eelco Dolstra 3e54387efd * Added OpenSSL 1.0.0e (not updating the default yet because a lot
depends on it).  Also, install the manpages in $out/share/man rather
  than $out/ssl/man.

svn path=/nixpkgs/trunk/; revision=29208
2011-09-12 16:09:00 +00:00
Shea Levy 4d70ba6cc9 Merge from trunk up through r28790
svn path=/nixpkgs/branches/stdenv-updates/; revision=28792
2011-08-24 19:16:43 +00:00