Merge pull request #80746 from vcunat/p/openssl-eol

openssl_1_0_2: mark as insecure; fixes #77503 (kinda)
This commit is contained in:
worldofpeace 2020-02-27 20:12:09 +00:00 committed by GitHub
commit b1ec189c9f
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -7,7 +7,8 @@
with stdenv.lib;
let
common = { version, sha256, patches ? [], withDocs ? false }: stdenv.mkDerivation rec {
common = { version, sha256, patches ? [], withDocs ? false, extraMeta ? {} }:
stdenv.mkDerivation rec {
pname = "openssl";
inherit version;
@ -130,7 +131,7 @@ let
license = licenses.openssl;
platforms = platforms.all;
maintainers = [ maintainers.peti ];
};
} // extraMeta;
};
in {
@ -145,6 +146,7 @@ in {
then ./1.0.2/use-etc-ssl-certs-darwin.patch
else ./1.0.2/use-etc-ssl-certs.patch)
];
extraMeta.knownVulnerabilities = [ "Support for OpenSSL 1.0.2 ended with 2019." ];
};
openssl_1_1 = common {