pyrox.dev / nixpkgs
lol
fork atom

openssl: fix CVE-2019-1543

Closes https://github.com/NixOS/nixpkgs/pull/61827.
Fixes https://github.com/NixOS/nixpkgs/issues/60107.

authored by Tom Bereknyei and committed by Peter Simons aae4c114 4a2fad0c

+5
unified split
+5
pkgs/development/libraries/openssl/default.nix
··· 136 sha256 = "0jza8cmznnyiia43056dij1jdmz62dx17wsn0zxksh9h6817nmaw"; 137 patches = [ 138 ./1.1/nix-ssl-cert-file.patch 139 140 (if stdenv.hostPlatform.isDarwin 141 then ./1.1/use-etc-ssl-certs-darwin.patch
··· 136 sha256 = "0jza8cmznnyiia43056dij1jdmz62dx17wsn0zxksh9h6817nmaw"; 137 patches = [ 138 ./1.1/nix-ssl-cert-file.patch 139 + (fetchurl { 140 + name = "long-chacha-nonce.patch"; 141 + url = "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff_plain;h=f426625b6ae9a7831010750490a5f0ad689c5ba3"; 142 + sha256= "02ghqg3vzmzx3s1dwwwbm1p1l4asaiampyg4k9vfrjwficvgpdgp"; 143 + }) 144 145 (if stdenv.hostPlatform.isDarwin 146 then ./1.1/use-etc-ssl-certs-darwin.patch