Commit b958f017 authored by Ruud van Asseldonk's avatar Ruud van Asseldonk
Browse files

libressl_3_4: backport security fix

parent cb8d827b

pkgs/development/libraries/libressl/default.nix

+11 −4
Original line number Diff line number Diff line
@@ -86,7 +86,7 @@ let 
      license = with licenses; [ publicDomain bsdOriginal bsd0 bsd3 gpl3 isc openssl ];

      platforms   = platforms.all;

      maintainers = with maintainers; [ thoughtpolice fpletz ];

      knownVulnerabilities = knownVulnerabilities;

      inherit knownVulnerabilities;

    };

  };
@@ -94,9 +94,16 @@ in { 
  libressl_3_4 = generic {

    version = "3.4.3";

    hash = "sha256-/4i//jVIGLPM9UXjyv5FTFAxx6dyFwdPUzJx1jw38I0=";

    knownVulnerabilities = [

      "Support ended 2022-10-14."

      "https://marc.info/?l=libressl&m=167582148932407&w=2"

    knownVulnerabilities = [ "Support ended 2022-10-14." ];

    patches = [

      (fetchpatch {

        # https://marc.info/?l=libressl&m=167582148932407&w=2

        name = "backport-type-confusion-fix.patch";

        url = "https://raw.githubusercontent.com/libressl/portable/30dc760ed1d7c70766b135500950d8ca9d17b13a/patches/x509_genn.c.diff";

        sha256 = "sha256-N9jsOueqposDWZwaR+n/v/cHgNiZbZ644d8/wKjN2/M=";

        stripLen = 2;

        extraPrefix = "crypto/";

      })

    ];

  };