openssl_1_1: 1.1.1n -> 1.1.1o

Fixes command injection in the c_rehash script, which at the same time is also considered obsolete and should be replaced by openssl rehash. https://mta.openssl.org/pipermail/openssl-announce/2022-May/000224.html Fixes: CVE-2022-1292 (cherry picked from commit a7be3b2607fef40cb8a9 from PR #171413)
author: Martin Weinelt <hexa@darmstadt.ccc.de> 2022-05-03 18:05:18 +0200
committer: Vladimír Čunát <v@cunat.cz> 2022-05-05 07:44:36 +0200
commit: 44df741c1db2215f17268ebcca07b41141caa380 (patch)
tree: afdf92cc8f7c24fff9c1973d307e92e973354680
parent: Merge pull request #171454 from helsinki-systems/bkp/2111/cacert (diff)
download: nixpkgs-44df741c1db2215f17268ebcca07b41141caa380.tar.gz
1 files changed, 2 insertions, 2 deletions
diff --git a/pkgs/development/libraries/openssl/default.nix b/pkgs/development/libraries/openssl/default.nix
index d702a9267679..9e636870aea2 100644
--- a/pkgs/development/libraries/openssl/default.nix
+++ b/pkgs/development/libraries/openssl/default.nix
@@ -190,8 +190,8 @@ in {
   };
 
   openssl_1_1 = common rec {
-    version = "1.1.1n";
-    sha256 = "sha256-QNzrUaT2pSdb3g5r8g70uRv8Mu1XwFUuLo4VRjNysXo=";
+    version = "1.1.1o";
+    sha256 = "sha256-k4SisFcN2ANYhBRkZ3EV33he25QccSEfdQdtcv5rQ48=";
     patches = [
       ./1.1/nix-ssl-cert-file.patch
author	Martin Weinelt <hexa@darmstadt.ccc.de>	2022-05-03 18:05:18 +0200
committer	Vladimír Čunát <v@cunat.cz>	2022-05-05 07:44:36 +0200
commit	44df741c1db2215f17268ebcca07b41141caa380 (patch)
tree	afdf92cc8f7c24fff9c1973d307e92e973354680
parent	Merge pull request #171454 from helsinki-systems/bkp/2111/cacert (diff)
download	nixpkgs-44df741c1db2215f17268ebcca07b41141caa380.tar.gz