diff options
| author | Martin Weinelt <hexa@darmstadt.ccc.de> | 2022-05-03 18:05:26 +0200 |
|---|---|---|
| committer | Vladimír Čunát <v@cunat.cz> | 2022-05-04 07:17:01 +0200 |
| commit | c62eceb91e5b463974fca2bcedf033ae1f6c52db (patch) | |
| tree | 234119db06665329f59234ffbb19ccb70e66c4c0 /pkgs/development/libraries/openssl | |
| parent | 532330778c190591a825f179d7f0ef4877f460b7 (diff) | |
openssl_3_0: 3.0.2 -> 3.0.3
- The c_rehash script allows command injection (CVE-2022-1292) - OCSP_basic_verify may incorrectly verify the response signing certificate (CVE-2022-1343) - Incorrect MAC key used in the RC4-MD5 ciphersuite (CVE-2022-1434) - Resource leakage when decoding certificates and keys (CVE-2022-1473) https://mta.openssl.org/pipermail/openssl-announce/2022-May/000224.html Fixes: CVE-2022-1292, CVE-2022-1343, CVE-2022-1434, CVE-2022-1473
Diffstat (limited to 'pkgs/development/libraries/openssl')
| -rw-r--r-- | pkgs/development/libraries/openssl/default.nix | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/pkgs/development/libraries/openssl/default.nix b/pkgs/development/libraries/openssl/default.nix index 8182a01cd52d6..6818418ad68cc 100644 --- a/pkgs/development/libraries/openssl/default.nix +++ b/pkgs/development/libraries/openssl/default.nix @@ -193,8 +193,8 @@ in { }; openssl_3_0 = common { - version = "3.0.2"; - sha256 = "sha256-mOkczq1NR1auPJzeXgkZGo5YbZ9NUIOOfsCdZBHf22M="; + version = "3.0.3"; + sha256 = "sha256-7gB4rc7x3l8APGLIDMllJ3IWCcbzu0K3eV3zH4tVjAs="; patches = [ ./3.0/nix-ssl-cert-file.patch |