Skip to content

Commit

Permalink
openssl_3_0: 3.0.2 -> 3.0.3
Browse files Browse the repository at this point in the history 
- The c_rehash script allows command injection (CVE-2022-1292)
- OCSP_basic_verify may incorrectly verify the response signing
  certificate (CVE-2022-1343)
- Incorrect MAC key used in the RC4-MD5 ciphersuite (CVE-2022-1434)
- Resource leakage when decoding certificates and keys (CVE-2022-1473)

https://mta.openssl.org/pipermail/openssl-announce/2022-May/000224.html

Fixes: CVE-2022-1292, CVE-2022-1343, CVE-2022-1434, CVE-2022-1473
  • Loading branch information
@mweinelt @vcunat
mweinelt authored and vcunat committed May 4, 2022
1 parent 5323307 commit c62eceb
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions pkgs/development/libraries/openssl/default.nix
View file
Original file line number Diff line number Diff line change
Expand Up @@ -193,8 +193,8 @@ in {
};

openssl_3_0 = common {
version = "3.0.2";
sha256 = "sha256-mOkczq1NR1auPJzeXgkZGo5YbZ9NUIOOfsCdZBHf22M=";
version = "3.0.3";
sha256 = "sha256-7gB4rc7x3l8APGLIDMllJ3IWCcbzu0K3eV3zH4tVjAs=";
patches = [
./3.0/nix-ssl-cert-file.patch

Expand Down

0 comments on commit c62eceb

Please sign in to comment.