authorMartin Weinelt <hexa@darmstadt.ccc.de>2022-05-03 18:05:26 +0200
committergithub-actions[bot] <github-actions[bot]@users.noreply.github.com>2022-05-04 07:24:46 +0000
commit3fb6b023460c60651ea1a39f19608e47068153be (patch)
tree53d4c332a2cd42f908f84380f7b7cdca312c5230
parentMerge pull request #170555 from NixOS/backport-168865-to-release-21.11 (diff)
openssl_3_0: 3.0.2 -> 3.0.3
- The c_rehash script allows command injection (CVE-2022-1292)
- OCSP_basic_verify may incorrectly verify the response signing certificate (CVE-2022-1343)
- Incorrect MAC key used in the RC4-MD5 ciphersuite (CVE-2022-1434)
- Resource leakage when decoding certificates and keys (CVE-2022-1473)

https://mta.openssl.org/pipermail/openssl-announce/2022-May/000224.html

Fixes: CVE-2022-1292, CVE-2022-1343, CVE-2022-1434, CVE-2022-1473
(cherry picked from commit c62eceb91e5b463974fca2bcedf033ae1f6c52db)
-rw-r--r--pkgs/development/libraries/openssl/default.nix4
1 files changed, 2 insertions, 2 deletions
diff --git a/pkgs/development/libraries/openssl/default.nix b/pkgs/development/libraries/openssl/default.nix
index d702a9267679..d0bf9e5c8f5b 100644
--- a/pkgs/development/libraries/openssl/default.nix
+++ b/pkgs/development/libraries/openssl/default.nix
@@ -205,8 +205,8 @@ in {
};
openssl_3_0 = common {
- version = "3.0.2";
- sha256 = "sha256-mOkczq1NR1auPJzeXgkZGo5YbZ9NUIOOfsCdZBHf22M=";
+ version = "3.0.3";
+ sha256 = "sha256-7gB4rc7x3l8APGLIDMllJ3IWCcbzu0K3eV3zH4tVjAs=";
patches = [
./3.0/nix-ssl-cert-file.patch