guix/gnu/packages/patches/openssl-c-rehash-in.patch
Ludovic Courtès caeadfddb0 gnu: openssl: Replace with 1.0.2g [fixes CVE-2016-{0800,0705,0798,0797,0799,0702,0703,0704}].
See <http://openssl.org/news/secadv/20160301.txt>.
Also fixes <http://bugs.gnu.org/22831>.

* gnu/packages/patches/openssl-c-rehash-in.patch: New file.
* gnu/packages/tls.scm (openssl)[replacement]: New field.
(openssl-1.0.2g): New variable.
2016-03-01 16:00:46 +01:00

17 lines
668 B
Diff

This patch removes the explicit reference to the 'perl' binary,
such that OpenSSL does not retain a reference to Perl.
The 'c_rehash' program is seldom used, but it is used nonetheless
to create symbolic links to certificates, for instance in the 'nss-certs'
package.
--- openssl-1.0.2g/tools/c_rehash.in 2015-09-09 18:36:07.313316482 +0200
+++ openssl-1.0.2g/tools/c_rehash.in 2015-09-09 18:36:28.965458458 +0200
@@ -1,4 +1,6 @@
-#!/usr/local/bin/perl
+eval '(exit $?0)' && eval 'exec perl -wS "$0" ${1+"$@"}'
+ & eval 'exec perl -wS "$0" $argv:q'
+ if 0;
# Perl c_rehash script, scan all files in a directory
# and add symbolic links to their hash values.