JakeHillion/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
173,281 Commits 2 Branches 0 Tags 13 GiB
aefea5f0bd
Commit Graph

213 Commits

Author SHA1 Message Date
Robin Gloster
426b61a1c7
openssl_1_0_1: remove 2017-01-27 21:29:53 +01:00
Franz Pletz
6626b62241
openssl_1_0_1: not maintained anymore, rename as -vulnerable 
This is not maintained anymore upstream but is still used by sslscan.
Until this package is updated or fixed, we'll keep it around under
the unambiguous name openssl_1_0_1-vulnerable.
 2017-01-26 15:41:07 +01:00
Franz Pletz
49bfd6068d
openssl_1_1_0: 1.1.0c -> 1.1.0d for multiple CVEs 
Fixes:

  * CVE-2017-3731
  * CVE-2017-3730
  * CVE-2017-3732
  * CVE-2016-7055
 2017-01-26 15:38:42 +01:00
Franz Pletz
434c15193a
openssl_1_0_2: 1.0.2j -> 1.0.2k for multiple CVEs 
Fixes:

  * CVE-2017-3731
  * CVE-2017-3730
  * CVE-2017-3732
  * CVE-2016-7055
 2017-01-26 15:38:33 +01:00
John Ericson
94df8e7e4d openssl: Output-santizing hack properly uses native perl again 2017-01-24 11:37:56 -05:00
Graham Christensen
bb2a67d226
openssl_1_1_0: 1.1.0b -> 1.1.0c 2016-11-11 07:11:29 -05:00
David McFarland
a50784b34e openssl: add custom build of 1.0.2 for steam 2016-11-09 21:18:32 -04:00
Eelco Dolstra
811b876fab Revert "openssl, curl, git: Respect $NIX_SSL_CERT_FILE" 
This reverts commit 942dbf89c6. Sorry,
this was supposed to go to staging instead of master...
 2016-10-14 16:01:54 +02:00
Eelco Dolstra
942dbf89c6 openssl, curl, git: Respect $NIX_SSL_CERT_FILE 
$NIX_SSL_CERT_FILE overrides $SSL_CERT_FILE, which in turn overrides
the default CA path (/etc/ssl/certs/ca-certificates.crt). This allows
Nix to set a CA path without interfering with other packages (such as
Homebrew).

See https://github.com/NixOS/nix/issues/921.
 2016-10-14 12:06:10 +02:00
Robin Gloster
b743ddf8f9
sslscan: enable ssl2 checking 2016-10-12 14:36:41 +02:00
Franz Pletz
4d75c71f38
openssl: 1.0.2i -> 1.0.2j, 1.1.0a -> 1.1.0b 
https://www.openssl.org/news/secadv/20160926.txt
 2016-09-26 15:02:01 +02:00
Eelco Dolstra
ac03df96ba openssl: 1.0.1t -> 1.0.1u, 1.0.2h -> 1.0.2i, 1.1.0 -> 1.1.0a 
https://www.openssl.org/news/secadv/20160922.txt
 2016-09-22 15:05:09 +02:00
Tuomas Tynkkynen
a17216af4c treewide: Shuffle outputs 
Make either 'bin' or 'out' the first output.
 2016-08-29 14:49:51 +03:00
obadz
ed01e0ca4f openssl: fix merge conflict between b6dabe3 and 6e7ca92 2016-08-28 03:53:13 +01:00
obadz
3de6e5be50 Merge branch 'master' into staging 
Conflicts:
      pkgs/applications/misc/navit/default.nix
      pkgs/applications/networking/mailreaders/alpine/default.nix
      pkgs/applications/networking/mailreaders/realpine/default.nix
      pkgs/development/compilers/ghc/head.nix
      pkgs/development/libraries/openssl/default.nix
      pkgs/games/liquidwar/default.nix
      pkgs/games/spring/springlobby.nix
      pkgs/os-specific/linux/kernel/perf.nix
      pkgs/servers/sip/freeswitch/default.nix
      pkgs/tools/archivers/cromfs/default.nix
      pkgs/tools/graphics/plotutils/default.nix
 2016-08-27 23:54:54 +01:00
Robin Gloster
b6dabe3df0
openssl_1_1_0: init at 1.1.0 2016-08-26 07:39:18 +00:00
Alexey Shmalko
6e7ca9272e
openssl: fix CVE-2016-2177 2016-08-23 03:41:03 +03:00
Peter Simons
8e462995ba Bring my stdenv.lib.maintainers user name in line with my github nick. 2016-05-16 22:49:55 +02:00
Tuomas Tynkkynen
aadaa91379 Merge remote-tracking branch 'upstream/master' into staging 
Conflicts:
	pkgs/applications/networking/browsers/vivaldi/default.nix
	pkgs/misc/emulators/wine/base.nix
 2016-05-03 23:12:48 +03:00
Nathan Zadoks
bdafc6df04 openssl: 1.0.1s -> 1.0.1t, 1.0.2g -> 1.0.2h 
CVE-2016-2108, high severity: Memory corruption in the ASN.1 encoder
CVE-2016-2107, high severity: Padding oracle in AES-NI CBC MAC check
CVE-2016-2105, low severity: EVP_EncodeUpdate overflow
CVE-2016-2106, low severity: EVP_EncryptUpdate overflow
CVE-2016-2109, low severity: ASN.1 BIO excessive memory allocation
CVE-2016-2176, low severity: EBCDIC overread
 2016-05-03 10:54:15 -04:00
Tuomas Tynkkynen
26f90102b8 openssl: fix indentation 2016-04-25 18:19:40 +03:00
Vladimír Čunát
ab15a62c68 Merge branch 'master' into closure-size 
Beware that stdenv doesn't build. It seems something more will be needed
than just resolution of merge conflicts.
 2016-04-01 10:06:01 +02:00
Vladimír Čunát
09af15654f Merge master into closure-size 
The kde-5 stuff still didn't merge well.
I hand-fixed what I saw, but there may be more problems.
 2016-03-08 09:58:19 +01:00
Eelco Dolstra
e0d17fdf10 openssl: Use 1.0.2 by default 
Provided that not too much breaks, we should probably cherry-pick this
to 16.03, since the end of the 1.0.1 support window is a bit too close
to the expected lifetime of 16.0.3. @domenkozar
 2016-03-01 15:25:53 +01:00
Eelco Dolstra
cdbd14a1a8 openssl: 1.0.1r -> 1.0.1s, 1.0.2f -> 1.0.2g 
CVE-2016-0800
 2016-03-01 15:18:57 +01:00
Eelco Dolstra
ef86e9506d Untested fix for #13401 2016-02-24 14:01:20 +01:00
Vladimír Čunát
ae74c356d9 Merge recent 'staging' into closure-size 
Let's get rid of those merge conflicts.
 2016-02-03 16:57:19 +01:00
Eelco Dolstra
917ca8920d Move setting $SSL_CERT_FILE to stdenv 
Doing it in an openssl setup hook only works if packages have openssl
as a build input - it doesn't work if they're using a program linked
against openssl.
 2016-02-03 13:59:10 +01:00
Eelco Dolstra
cc2cec6300 openssl: Unify 1.0.1 and 1.0.2 expressions 2016-02-03 13:54:22 +01:00
Eelco Dolstra
788da6894f openssl: Compile in /etc/ssl/certs/ca-certificates.crt 2016-02-03 13:45:05 +01:00
Guillaume Maudoux
9f358f809d Configure a default trust store for openssl 2016-02-03 12:42:01 +01:00
Eelco Dolstra
2ecb6b4574 openssl: 1.0.1q -> 1.0.1r 
CVE-2015-3197 (low severity)
 2016-01-28 18:57:23 +01:00
Luca Bruno
5b0352a6a4 Merge branch 'master' into closure-size 2015-12-11 18:31:00 +01:00
codsl
fb3b9f5f8b openssl: security update 1.0.1p -> 1.0.1q 
Fixes CVE-2015-3194 and CVE-2015-3195.
Taken from #11469.
 2015-12-05 11:25:27 +01:00
Vladimír Čunát
333d69a5f0 Merge staging into closure-size 
The most complex problems were from dealing with switches reverted in
the meantime (gcc5, gmp6, ncurses6).
It's likely that darwin is (still) broken nontrivially.
 2015-11-20 14:32:58 +01:00
Matthias C. M. Troffaes
1c0b060295 openssl: use prefixed windres and ranlib for cross build 2015-11-04 08:48:38 +00:00
Vladimír Čunát
9fbb83b467 openssl: fixup after merge 2015-10-03 16:28:39 +02:00
Vladimír Čunát
f361938b21 Merge staging into closure-size 
This makes gcc5 the default builder, etc.
 2015-10-03 15:23:13 +02:00
Vladimír Čunát
5227fb1dd5 Merge commit staging+systemd into closure-size 
Many non-conflict problems weren't (fully) resolved in this commit yet.
 2015-10-03 13:33:37 +02:00
William A. Kennington III
eae9889b82 openssl: Major bump 1.0.1 -> 1.0.2 2015-09-15 12:14:12 -07:00
Eelco Dolstra
e1f78bf677 More docs/manpages in separate outputs 2015-07-27 00:27:54 +02:00
Eelco Dolstra
9539db1ec3 openssl: Update to 1.0.1p 2015-07-09 15:15:52 +02:00
William A. Kennington III
507bb016cc openssl: Clean up the cross compile arguments 
Also add a check to make sure we don't depend on perl in the output
 2015-06-20 14:30:18 -07:00
Peter Simons
b333a2cb19 openssl: remove some cruft 2015-06-16 14:19:25 +02:00
Eelco Dolstra
a4178b1b8a openssl: Update to 1.0.1o 
From https://www.openssl.org/news/openssl-1.0.1-notes.html:

"Fix HMAC ABI incompatibility"
 2015-06-16 14:16:08 +02:00
Eelco Dolstra
415407bd93 openssl: Update to 1.0.1n 
CVE-2015-4000, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1792, CVE-2015-1791, CVE-2014-8176
 2015-06-11 18:32:13 +02:00
Eelco Dolstra
3aee39bb83 openssl: Fix removal of the ssl/misc scripts 
This drops the dependency of $out on Perl.

(cherry picked from commit a5fb18473e)
Signed-off-by: Domen Kožar <domen@dev.si>

Conflicts:
	pkgs/development/libraries/openssl/default.nix
 2015-06-01 11:01:57 +02:00
William A. Kennington III
afa5859716 openssl: Cleanup some old, untested patches 2015-05-29 16:08:27 -07:00
Marko Durkovic
3f6949c3ef cygwin: openssl for x86_64 2015-05-28 10:53:35 +02:00
Vladimír Čunát
bf414c9d4f Merge 'staging' into closure-size 
- there were many easy merge conflicts
- cc-wrapper needed nontrivial changes

Many other problems might've been created by interaction of the branches,
but stdenv and a few other packages build fine now.
 2015-04-18 11:22:20 +02:00
Eelco Dolstra
2fe351c7e3 openssl: Update to 1.0.1m 
Fixes various "Moderate" / "Low" CVEs:
http://openssl.org/news/secadv_20150319.txt
 2015-03-19 15:57:17 +01:00
Domen Kožar
1fb78f8994 openssl: 1.0.1k -> 1.0.1l 2015-02-27 12:59:59 +01:00
Domen Kožar
dbbd849ce8 openssl: 1.0.1j -> 1.0.1k 
(cherry picked from commit 70a7d4bd16454b8b27d404a109c615462cc4fa9e)
Signed-off-by: Domen Kožar <domen@dev.si>
 2015-01-09 20:22:02 +01:00
Eelco Dolstra
09dc132e04 Merge remote-tracking branch 'origin/master' into staging 
Conflicts:
	pkgs/development/libraries/poppler/default.nix
 2014-10-16 15:16:50 +02:00
Domen Kožar
c758ec756b openssl: 1.0.1i -> 1.0.1j (CVE-2014-3513, CVE-2014-3567, CVE-2014-3568) 2014-10-15 16:12:23 +02:00
Alexander Kjeldaas
e431a3e0b5 openssl: make it deterministic 2014-09-13 15:05:27 +02:00
Vladimír Čunát
a70180ba73 mutiout: make it builtin 2014-08-30 08:27:43 +02:00
Vladimír Čunát
fb59f27a43 WIP: getting good 2014-08-27 01:14:09 +02:00
Vladimír Čunát
4dccb224c5 WIP2 2014-08-26 01:10:56 +02:00
Vladimír Čunát
96cec2a7bd Merge 'staging' into multiple-outputs 
Conflicts:
	pkgs/applications/audio/flac/default.nix
	pkgs/build-support/gcc-wrapper/builder.sh
	pkgs/development/libraries/apr-util/default.nix
	pkgs/development/libraries/apr/default.nix
	pkgs/development/libraries/atk/default.nix
	pkgs/development/libraries/freetype/default.nix
	pkgs/development/libraries/gdk-pixbuf/default.nix
	pkgs/development/libraries/glib/default.nix
	pkgs/development/libraries/glibc/2.17/builder.sh
	pkgs/development/libraries/glibc/2.17/locales.nix
	pkgs/development/libraries/libjpeg/default.nix
	pkgs/development/libraries/libogg/default.nix
	pkgs/development/libraries/libsamplerate/default.nix
	pkgs/development/libraries/libtiff/default.nix
	pkgs/development/libraries/libvorbis/default.nix
	pkgs/development/libraries/mesa/default.nix
	pkgs/development/libraries/pango/default.nix
	pkgs/development/web/nodejs/default.nix
	pkgs/os-specific/linux/pam/default.nix
	pkgs/os-specific/linux/systemd/default.nix
	pkgs/stdenv/generic/setup.sh
	pkgs/stdenv/linux/default.nix
	pkgs/top-level/all-packages.nix
	pkgs/top-level/release-small.nix
 2014-08-23 16:04:53 +02:00
Vladimír Čunát
d1ed0f44cd Merge #2823: better cygwin support, also add x86_64 
Conflicts (easy):
	pkgs/development/interpreters/perl/5.16/default.nix
 2014-08-14 20:38:09 +02:00
Peter Simons
5c276c4f68 openssl: update to version 1.0.1i 
See https://www.openssl.org/news/secadv_20140806.txt for a long list of CVE numbers.
Fixes <https://github.com/NixOS/nixpkgs/issues/3485>.
 2014-08-08 09:46:57 +02:00
Domen Kožar
15f092d7a7 openssl: 1.0.1g -> 1.0.1h 
CVE-2014-0224
CVE-2014-0221
CVE-2014-0195
CVE-2014-0198
CVE-2010-5298
CVE-2014-3470
 2014-06-05 14:32:11 +02:00
Sander van der Burg
9ec52d6323 Fixes to make basic builds on Cygwin work again + additions to support x86_64-cygwin 2014-05-29 14:47:07 +02:00
aszlig
625d7b9043
Merge pull request #1928 from 'cross-win-osx'. 
This includes a lot of fixes for cross-building to Windows and Mac OS X
and could possibly fix things even for non-cross-builds, like for
example OpenSSL on Windows.

The main reason for merging this in 14.04 already is that we already
have runInWindowsVM in master and it doesn't work until we actually
cross-build Cygwin's setup binary as the upstream version is a fast
moving target which gets _overwritten_ on every new release.

Conflicts:
	pkgs/top-level/all-packages.nix
 2014-04-21 10:00:35 +02:00
Domen Kožar
1140f06e0f openssl: 1.0.1f -> 1.0.1g 
CVE-2014-0160, CVE-2014-0076
 2014-04-07 20:33:38 +02:00
aszlig
5e95800f26
openssl: Use Darwin patch for cross-builds too. 
Might be better to have something like stdenv.isDarwinTarget, which can
be used to test for native Darwin _and_ cross-built Darwin as a target.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
 2014-03-12 10:00:47 +01:00
aszlig
30962765e0
openssl/cross: Fix build for Darwin. 
This is just a minor fix, because when using "darwin64-x86_64-cc" for
config.openssl.system, the OpenSSL build scripts try to compile with
$prefix-cc, which is not available with the gcc-cross-wrapper.

Signed-off-by: aszlig <aszlig@redmoonstudios.org>
 2014-03-12 10:00:47 +01:00
Eelco Dolstra
340b6ab649 openssl: Update to 1.0.1f 
CVE-2013-6449, CVE-2013-6450, CVE-2013-4353.
 2014-01-07 09:40:35 +01:00
Eelco Dolstra
2cfeca153c openssl, cups: Fix stripping libraries 2013-06-12 16:10:54 +02:00
Eelco Dolstra
2c9fa33521 openssl: Split header files from the libraries 2013-06-11 14:28:49 +02:00
Eelco Dolstra
a5fb18473e openssl: Fix removal of the ssl/misc scripts 
This drops the dependency of $out on Perl.
 2013-06-11 12:39:32 +02:00
Eelco Dolstra
99b88cfb53 Merge remote-tracking branch 'origin/master' into multiple-outputs 
Conflicts:
	pkgs/development/libraries/acl/default.nix
	pkgs/development/libraries/atk/2.6.x.nix
	pkgs/development/libraries/attr/default.nix
	pkgs/development/libraries/cairo/default.nix
	pkgs/development/libraries/freetype/default.nix
	pkgs/development/libraries/glib/2.34.x.nix
	pkgs/development/libraries/gtk+/2.24.x.nix
	pkgs/development/libraries/libtiff/default.nix
	pkgs/development/libraries/openssl/default.nix
	pkgs/development/libraries/pango/1.30.x.nix
	pkgs/misc/cups/default.nix
	pkgs/os-specific/linux/util-linux/default.nix
	pkgs/servers/x11/xorg/builder.sh
	pkgs/servers/x11/xorg/default.nix
	pkgs/top-level/all-packages.nix
 2013-06-09 00:41:27 +02:00
Danny Wilson
cf42601f92 Coreutils update and Illumos compatibility fixes. 
- GNU Coreutils 8.21
- Add is64Bit checks to stdenv for Solaris.
- Fix OpenSSL Illumos build.
 2013-02-28 20:04:01 +01:00
Peter Simons
e259e52a7d openssl: update to version 1.0.1e 2013-02-18 11:53:57 +01:00
Eelco Dolstra
ab3eeabfed Rename buildNativeInputs -> nativeBuildInputs 
Likewise for propagatedBuildNativeInputs, etc.  "buildNativeInputs"
sounds like an imperative rather than a noun phrase.
 2012-12-28 19:20:09 +01:00
Eelco Dolstra
88f7000aa4 openssl: Fix building on Darwin 
http://hydra.nixos.org/build/3491716
 2012-12-18 18:03:26 +01:00
Eelco Dolstra
e5497ca043 openssl: Install config files in $out/etc/ssl in $out/ssl 2012-11-23 17:29:06 +01:00
Peter Simons
f67d5a9a39 Merge branch 'master' into stdenv-updates. 
Conflicts have been resolved in:

        pkgs/tools/misc/file/default.nix
        pkgs/top-level/all-packages.nix
        pkgs/top-level/python-packages.nix
 2012-11-21 16:20:36 +01:00
Peter Simons
02cd9a906e openssl: strip trailing whitespace 2012-10-23 18:36:02 +02:00
Peter Simons
8d469a5bbc openssl: update to version 1.0.1c 2012-10-23 18:35:51 +02:00
Lluís Batlle i Rossell
57b578189b Adding cryptodev-linux, and made openssl use it optionally. 
I'm trying to get the CESA of the sheevaplug available to openssl.
 2012-09-23 20:51:15 +02:00
Peter Simons
d5677fe6c7 stdenv-updates: merge updates from 'master' branch 2012-09-11 16:48:41 +02:00
Eelco Dolstra
283164779b openssl: Separate programs 2012-08-24 23:42:33 -04:00
Eelco Dolstra
7369c443a8 openssl: Separate manpages 2012-08-24 22:24:49 -04:00
Ludovic Courtès
04661ec850 openssl: fix GNU/kFreeBSD builds 2012-08-13 14:12:54 +02:00
Eelco Dolstra
ad943dbbe3 * OpenSSL 1.0.0j (CVE-2012-2333). 
svn path=/nixpkgs/branches/stdenv-updates/; revision=34205
 2012-05-21 23:31:28 +00:00
Eelco Dolstra
6c36eece34 * Remove the FreeBSD patch. It no longer applies and no longer seems needed. 
svn path=/nixpkgs/branches/stdenv-updates/; revision=34006
 2012-05-07 19:56:14 +00:00
Eelco Dolstra
d0a1fe6b90 * Revert to the OpenSSL 1.0.0 series (though a newer version) because 
1.0.1 doesn't build on FreeBSD and Darwin (due to our patches).

svn path=/nixpkgs/branches/stdenv-updates/; revision=34001
 2012-05-07 01:08:33 +00:00
Eelco Dolstra
0ae007e26f * OpenSSL 1.0.1b (includes security fixes). 
svn path=/nixpkgs/branches/stdenv-updates/; revision=33989
 2012-05-05 15:00:10 +00:00
Florian Friesdorf
be815e7639 add an openssl mirror url as primary is currently down 
svn path=/nixpkgs/branches/stdenv-updates/; revision=32578
 2012-02-26 17:22:50 +00:00
Eelco Dolstra
91b19832c9 * Fix the Darwin patch for OpenSSL. 
svn path=/nixpkgs/branches/stdenv-updates/; revision=31791
 2012-01-23 12:59:18 +00:00
Eelco Dolstra
22f3ff8f0d * OpenSSL updated to 1.0.0g. 
svn path=/nixpkgs/branches/stdenv-updates/; revision=31740
 2012-01-20 16:41:11 +00:00
Yury G. Kudryashov
9ee0a9df9b svn merge ^/nixpkgs/trunk 
A few trivial conflicts

svn path=/nixpkgs/branches/stdenv-updates/; revision=31434
 2012-01-08 16:01:12 +00:00
Lluís Batlle i Rossell
11f55d273b I found that instantiating xbursttools brought to the openssl evaluation 
throwing an exception about an undefined platform.openssl.system.

That was introduced by r31330, which made openssl for the build system to
evaluate the platform.openssl.system, that should only be needed for the host
system.

I also revert supplying openssl.system for xbursttools.


svn path=/nixpkgs/trunk/; revision=31379
 2012-01-06 21:31:29 +00:00
Yury G. Kudryashov
10fd822319 Fix typo 
Introduced while merging trunk

svn path=/nixpkgs/branches/stdenv-updates/; revision=31339
 2012-01-06 09:41:22 +00:00
Yury G. Kudryashov
900c6e18cd svn merge ^/nixpkgs/trunk 
Conflicts: openssl, libplist

svn path=/nixpkgs/branches/stdenv-updates/; revision=31337
 2012-01-06 01:07:45 +00:00
Ludovic Courtès
3d0f767b91 OpenSSL: Fix compilation on GNU/Hurd. 
svn path=/nixpkgs/trunk/; revision=31330
 2012-01-05 23:46:17 +00:00
Eelco Dolstra
ca73b1fb33 * Resolve a collision between OpenSSL and man-pages 
(in ‘share/man/man3/err.3’).

svn path=/nixpkgs/trunk/; revision=31296
 2012-01-04 19:48:08 +00:00
Yury G. Kudryashov
2bca92e32d Merge trunk 
Conflicts:
1. cmake upgrade: use 2.8.7
2. openssl: left FreeBSD-asm patch.

svn path=/nixpkgs/branches/stdenv-updates/; revision=31245
 2012-01-03 17:25:24 +00:00