Vladimír Čunát
153a19df05
Merge branch 'master' into staging-next
...
Hydra: ?compare=1474536
2018-08-20 09:15:33 +02:00
Markus Kowalewski
4ba295b797
openssl: add license
2018-08-18 00:05:21 +02:00
Vladimír Čunát
14aa936ec5
Merge branch 'staging-next' into staging
2018-08-17 20:53:27 +02:00
Andreas Rammhold
98a7b92261
openssl_1_0_2: 1.0.2o -> 1.0.2p
...
this addresses:
- Client DoS due to large DH parameter (CVE-2018-0732)
- Cache timing vulnerability in RSA Key Generation (CVE-2018-0737)
Changelog: https://www.openssl.org/news/cl102.txt
2018-08-15 21:35:23 +02:00
Andreas Rammhold
0a40875439
openssl_1_1_0: 1.1.0h -> 1.1.0i
...
this addresses:
- Client DoS due to large DH parameter (CVE-2018-0732)
- Cache timing vulnerability in RSA Key Generation (CVE-2018-0737)
Changelog: https://www.openssl.org/news/changelog.html#x1
2018-08-15 21:12:00 +02:00
Jan Malakhovski
7ea0904347
openssl: fix tests, also cleanup
2018-08-10 12:56:34 +00:00
Franz Pletz
459a34ce5f
openssl_1_1_0: add patch to fix c_rehash quoting
2018-08-06 22:49:29 +02:00
Matthew Bauer
4639d55562
Merge pull request #43870 from nh2/static-krb5-openssl-flags
...
Optional static libraries for krb5 and openssl
2018-07-23 17:31:24 -04:00
Matthew Bauer
916f096911
Merge pull request #43890 from matthewbauer/mingw-fixes
...
Mingw fixes
2018-07-21 17:04:20 -04:00
Matthew Bauer
522b61a069
openssl: work with mingw32
2018-07-21 17:00:05 -04:00
volth
52f53c69ce
pkgs/*: remove unreferenced function arguments
2018-07-21 02:48:04 +00:00
Niklas Hambüchen
479dcc3b54
openssl: Add static
flag.
...
Its effect on `postInstall` is carefully written to not
cause recompilation in the default case.
2018-07-21 04:43:50 +02:00
Silvan Mosberger
57bccb3cb8
treewide: http -> https sources ( #42676 )
...
* treewide: http -> https sources
This updates the source urls of all top-level packages from http to
https where possible.
* buildtorrent: fix url and tab -> spaces
2018-06-28 20:43:35 +02:00
Matthew Justin Bauer
eeb016e8f0
Merge branch 'staging' into fix-ncurses-darwin-extensions
2018-05-02 15:40:38 -05:00
John Ericson
0c3efb9ba0
openssl: Support iOS cross compilation (in theory)
2018-05-01 01:13:44 -04:00
WilliButz
01a4d957dd
openssl: enable parallel building
...
There is no improvement for the build duration of openssl 1.0
but the one of openssl 1.1 is reduced significantly.
2018-04-20 14:55:01 +02:00
Andreas Rammhold
72110322c0
openssl_1_1_0: 1.1.0g -> 1.1.0h (fixes CVE-2018-0739, CVE-2017-3738)
...
Also fixes CVE-2018-0733 but we do not support HP-UX to my knowledge :-)
Announcement at [1].
[1] https://www.openssl.org/news/secadv/20180327.txt
2018-03-27 21:31:59 +02:00
Andreas Rammhold
4bf9b4a328
openssl: 1.0.2n -> 1.0.2o (fixes CVE-2017-3738, CVE-2018-0739)
...
Announcement can be found at [1].
[1] https://www.openssl.org/news/secadv/20180327.txt
2018-03-27 21:31:41 +02:00
Will Dietz
cccf48ca0c
openssl: isMusl
2018-02-13 09:44:50 -06:00
Will Dietz
6593d882a9
openssl: fix cross, ensure 'Configure' has shebang patched
2018-02-13 09:44:49 -06:00
Will Dietz
aa00d53708
openssl 1.1.0: disable 'async' bits relating to setcontext/etc on musl
2018-02-13 09:44:49 -06:00
John Ericson
57b01b1bcf
lib, openssl: Get rid of openssl.system
...
We compute it on the fly, careful to avoid any mass rebuilds for now.
2018-01-26 21:22:00 -05:00
adisbladis
4cc3510a92
openssl_1_1_0: Fix CVE-2017-3738
2018-01-07 14:48:24 +01:00
Andreas Rammhold
0841f14a8f
openssl_1_0_2: 1.0.2m -> 1.0.2n (CVE-2017-3737, CVE-2017-3738)
...
See [1] for more details
[1] https://www.openssl.org/news/secadv/20171207.txt
2017-12-09 13:15:00 +01:00
Graham Christensen
e06dbe4f5b
openssl: fix nix patch for recent update
2017-11-02 15:16:41 -04:00
Graham Christensen
5e2d96deb3
openssl_1_1_0: 1.1.0f -> 1.1.0g
2017-11-02 14:44:04 -04:00
Graham Christensen
7726b46027
openssl_1_0_2: 1.0.2l -> 1.0.2m
2017-11-02 14:40:25 -04:00
Matthew Bauer
269f057be3
openssl: use https for homepage
2017-08-17 15:04:22 -07:00
georgewhewell
e85a855d2c
openssl 1_1_0: fix build on aarch64
2017-08-06 20:38:32 +02:00
Eelco Dolstra
c23dcd72a0
Enable some more debug info
2017-07-05 16:04:54 +02:00
John Ericson
16be434b0b
Merge accepted cross compilation PRs into staging
2017-06-28 23:17:21 -04:00
John Ericson
60eff17b27
openssl: cc-wrapper can be relied on to export these env vars
2017-06-28 18:31:37 -04:00
David McFarland
c580ab4fcf
openssl: fix cygwin build
2017-06-26 09:33:22 -03:00
Vladimír Čunát
ae6df000d0
Merge branch 'master' into staging
2017-06-07 18:11:27 +02:00
Tim Steinbach
67c1f0e65a
openssl: 1.0.2k -> 1.0.2l
...
cc #26435
2017-06-07 06:17:45 +02:00
Tim Steinbach
a64194f9d4
openssl: 1.1.0e -> 1.1.0f
2017-06-06 18:46:40 -04:00
David McFarland
2c006ca805
Revert "openssl: add custom build of 1.0.2 for steam"
...
No longer necessary. See https://github.com/NixOS/nixpkgs/pull/23034#issuecomment-291005754
This reverts commit a50784b34e
.
2017-04-03 09:04:44 +02:00
Guillaume Maudoux
c86f05e7ce
openssl: default to default profile CA on darwin
2017-03-22 12:09:09 +01:00
Domen Kožar
c3c9412c7d
git, openssl, curl: Respect $NIX_SSL_CERT_FILE
...
Slightly modified version of 942dbf89c6
2017-03-20 14:11:20 +01:00
Matthew Maurer
0d2ba7ef2b
openssl: 1.1.0d -> 1.1.0e for High severity CVE-2017-3733
2017-02-16 09:16:41 -05:00
Robin Gloster
426b61a1c7
openssl_1_0_1: remove
2017-01-27 21:29:53 +01:00
Franz Pletz
6626b62241
openssl_1_0_1: not maintained anymore, rename as -vulnerable
...
This is not maintained anymore upstream but is still used by sslscan.
Until this package is updated or fixed, we'll keep it around under
the unambiguous name openssl_1_0_1-vulnerable.
2017-01-26 15:41:07 +01:00
Franz Pletz
49bfd6068d
openssl_1_1_0: 1.1.0c -> 1.1.0d for multiple CVEs
...
Fixes:
* CVE-2017-3731
* CVE-2017-3730
* CVE-2017-3732
* CVE-2016-7055
2017-01-26 15:38:42 +01:00
Franz Pletz
434c15193a
openssl_1_0_2: 1.0.2j -> 1.0.2k for multiple CVEs
...
Fixes:
* CVE-2017-3731
* CVE-2017-3730
* CVE-2017-3732
* CVE-2016-7055
2017-01-26 15:38:33 +01:00
John Ericson
94df8e7e4d
openssl: Output-santizing hack properly uses native perl again
2017-01-24 11:37:56 -05:00
Graham Christensen
bb2a67d226
openssl_1_1_0: 1.1.0b -> 1.1.0c
2016-11-11 07:11:29 -05:00
David McFarland
a50784b34e
openssl: add custom build of 1.0.2 for steam
2016-11-09 21:18:32 -04:00
Eelco Dolstra
811b876fab
Revert "openssl, curl, git: Respect $NIX_SSL_CERT_FILE"
...
This reverts commit 942dbf89c6
. Sorry,
this was supposed to go to staging instead of master...
2016-10-14 16:01:54 +02:00
Eelco Dolstra
942dbf89c6
openssl, curl, git: Respect $NIX_SSL_CERT_FILE
...
$NIX_SSL_CERT_FILE overrides $SSL_CERT_FILE, which in turn overrides
the default CA path (/etc/ssl/certs/ca-certificates.crt). This allows
Nix to set a CA path without interfering with other packages (such as
Homebrew).
See https://github.com/NixOS/nix/issues/921 .
2016-10-14 12:06:10 +02:00
Robin Gloster
b743ddf8f9
sslscan: enable ssl2 checking
2016-10-12 14:36:41 +02:00