From 4a811b00534cb1ba39f8d31c4912ba995a4ac268 Mon Sep 17 00:00:00 2001 From: "Wladimir J. van der Laan" Date: Tue, 8 Apr 2014 07:26:22 +0200 Subject: gitian: upgrade openssl to 1.0.1g for both win and linux OpenSSL 1.0.1g fixes CVE-2014-0160. Also bump dependency versions. --- contrib/gitian-descriptors/deps-win.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'contrib/gitian-descriptors/deps-win.yml') diff --git a/contrib/gitian-descriptors/deps-win.yml b/contrib/gitian-descriptors/deps-win.yml index 87ebf3e87b..b18d0f031c 100644 --- a/contrib/gitian-descriptors/deps-win.yml +++ b/contrib/gitian-descriptors/deps-win.yml @@ -14,7 +14,7 @@ packages: reference_datetime: "2011-01-30 00:00:00" remotes: [] files: -- "openssl-1.0.1e.tar.gz" +- "openssl-1.0.1g.tar.gz" - "db-4.8.30.NC.tar.gz" - "miniupnpc-1.8.tar.gz" - "zlib-1.2.8.tar.gz" @@ -28,7 +28,7 @@ script: | INDIR=$HOME/build TEMPDIR=$HOME/tmp # Input Integrity Check - echo "f74f15e8c8ff11aa3d5bb5f276d202ec18d7246e95f961db76054199c69c1ae3 openssl-1.0.1e.tar.gz" | sha256sum -c + echo "53cb818c3b90e507a8348f4f5eaedb05d8bfe5358aabb508b7263cc670c3e028 openssl-1.0.1g.tar.gz" | sha256sum -c echo "12edc0df75bf9abd7f82f821795bcee50f42cb2e5f76a6a281b85732798364ef db-4.8.30.NC.tar.gz" | sha256sum -c echo "bc5f73c7b0056252c1888a80e6075787a1e1e9112b808f863a245483ff79859c miniupnpc-1.8.tar.gz" | sha256sum -c echo "36658cb768a54c1d4dec43c3116c27ed893e88b02ecfcb44f2166f9c0b7f2a0d zlib-1.2.8.tar.gz" | sha256sum -c @@ -48,8 +48,8 @@ script: | mkdir -p $INSTALLPREFIX $BUILDDIR cd $BUILDDIR # - tar xzf $INDIR/openssl-1.0.1e.tar.gz - cd openssl-1.0.1e + tar xzf $INDIR/openssl-1.0.1g.tar.gz + cd openssl-1.0.1g if [ "$BITS" == "32" ]; then OPENSSL_TGT=mingw else @@ -124,5 +124,5 @@ script: | done # cd $INSTALLPREFIX - find include lib | sort | zip -X@ $OUTDIR/bitcoin-deps-win$BITS-gitian-r10.zip + find include lib | sort | zip -X@ $OUTDIR/bitcoin-deps-win$BITS-gitian-r11.zip done # for BITS in -- cgit v1.2.3