From 72110322c089fc850347f86d7a45053e6b2de7b2 Mon Sep 17 00:00:00 2001
From: Andreas Rammhold <andreas@rammhold.de>
Date: Tue, 27 Mar 2018 19:40:12 +0200
Subject: [PATCH] openssl_1_1_0: 1.1.0g -> 1.1.0h (fixes CVE-2018-0739,
 CVE-2017-3738)

Also fixes CVE-2018-0733 but we do not support HP-UX to my knowledge :-)

Announcement at [1].

[1] https://www.openssl.org/news/secadv/20180327.txt
---
 pkgs/development/libraries/openssl/default.nix | 11 ++---------
 1 file changed, 2 insertions(+), 9 deletions(-)

diff --git a/pkgs/development/libraries/openssl/default.nix b/pkgs/development/libraries/openssl/default.nix
index b029615d7920..5a9052222cb8 100644
--- a/pkgs/development/libraries/openssl/default.nix
+++ b/pkgs/development/libraries/openssl/default.nix
@@ -118,15 +118,8 @@ in {
   };
 
   openssl_1_1_0 = common {
-    version = "1.1.0g";
-    sha256 = "1bvka2wf33w2vxv7yw578nnjqyhz2b3chvfb0l4k2ffscw950kfy";
-    patches = [
-      (fetchpatch {
-        name = "CVE-2017-3738.patch";
-        url = "https://github.com/openssl/openssl/commit/563066.patch";
-        sha256 = "0ni9fwpxf8raw8b58pfa15akbqmxx4q64v0ldsm4b9dqhbxf8mkz";
-      })
-    ];
+    version = "1.1.0h";
+    sha256 = "05x509lccqjscgyi935z809pwfm708islypwhmjnb6cyvrn64daq";
   };
 
 }