[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
branch master updated: gnutls: Update to 3.8.2 (fixes CVE-2023-5981).
From: |
guix-commits |
Subject: |
branch master updated: gnutls: Update to 3.8.2 (fixes CVE-2023-5981). |
Date: |
Fri, 05 Jan 2024 14:08:56 -0500 |
This is an automated email from the git hooks/post-receive script.
apteryx pushed a commit to branch master
in repository guix.
The following commit(s) were added to refs/heads/master by this push:
new deeb7d1f53 gnutls: Update to 3.8.2 (fixes CVE-2023-5981).
deeb7d1f53 is described below
commit deeb7d1f53d7ddfa977b3eadd760312bbd0a2509
Author: Maxim Cournoyer <maxim.cournoyer@gmail.com>
AuthorDate: Fri Jan 5 13:12:31 2024 -0500
gnutls: Update to 3.8.2 (fixes CVE-2023-5981).
* gnu/packages/tls.scm (gnutls): Graft with gnutls-3.8.2.
(gnutls-3.8.1): Replace with...
(gnutls-3.8.2): ... this. Remove obsolete set-path-max phase, and make the
variable private.
Change-Id: Ib5cd276c9ecc87d1adc2f4f9633d49676cfe856d
---
gnu/packages/tls.scm | 25 ++++++-------------------
1 file changed, 6 insertions(+), 19 deletions(-)
diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm
index 208a7ff640..806a761d9b 100644
--- a/gnu/packages/tls.scm
+++ b/gnu/packages/tls.scm
@@ -15,7 +15,7 @@
;;; Copyright © 2018 Clément Lassieur <clement@lassieur.org>
;;; Copyright © 2019 Mathieu Othacehe <m.othacehe@gmail.com>
;;; Copyright © 2020, 2023 Janneke Nieuwenhuizen <janneke@gnu.org>
-;;; Copyright © 2020, 2021, 2023 Maxim Cournoyer <maxim.cournoyer@gmail.com>
+;;; Copyright © 2020, 2021, 2023, 2024 Maxim Cournoyer
<maxim.cournoyer@gmail.com>
;;; Copyright © 2021 Solene Rapenne <solene@perso.pw>
;;; Copyright © 2021 Brice Waegeneire <brice@waegenei.re>
;;; Copyright © 2021 Maxime Devos <maximedevos@telenet.be>
@@ -200,7 +200,7 @@ living in the same process.")
(package
(name "gnutls")
(version "3.7.7")
- (replacement gnutls-3.8.1)
+ (replacement gnutls-3.8.2)
(source (origin
(method url-fetch)
;; Note: Releases are no longer on ftp.gnu.org since the
@@ -305,11 +305,11 @@ required structures.")
(define-deprecated/public-alias gnutls-latest gnutls)
;; Replacement for gnutls@3.7.7 to address GNUTLS-SA-2020-07-14 /
-;; CVE-2023-0361
-(define-public gnutls-3.8.1
+;; CVE-2023-0361 and GNUTLS-SA-2023-10-23 / CVE-2023-5981.
+(define gnutls-3.8.2
(package
(inherit gnutls)
- (version "3.8.1")
+ (version "3.8.2")
(source (origin
(method url-fetch)
(uri (string-append "mirror://gnupg/gnutls/v"
@@ -318,20 +318,7 @@ required structures.")
(patches (search-patches "gnutls-skip-trust-store-test.patch"))
(sha256
(base32
- "1742jiigwsfhx7nj5rz7dwqr8d46npsph6b68j7siar0mqarx2xs"))))
- (arguments
- (if (target-hurd?)
- ;; Fix reference to undefined 'PATH_MAX'. This is fixed in GnuTLS
- ;; commit 3b6ec1e01de4e96d36276dfe34ee9e183f285264.
- (substitute-keyword-arguments (package-arguments gnutls)
- ((#:phases phases #~%standard-phases)
- #~(modify-phases #$phases
- (add-after 'unpack 'set-path-max
- (lambda _
- (substitute* "lib/pathbuf.h"
- (("^#define GNUTLS_PATH_MAX PATH_MAX")
- "#define GNUTLS_PATH_MAX 8192\n")))))))
- (package-arguments gnutls)))))
+ "0xzgmp1ck5ifvdki4jg29r278w2p1m3a0qz38g99v6zsdw0yarg7"))))))
(define-public gnutls/dane
;; GnuTLS with build libgnutls-dane, implementing DNS-based
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- branch master updated: gnutls: Update to 3.8.2 (fixes CVE-2023-5981).,
guix-commits <=