guix-patches
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#27308: [PATCH] gnu: gnutls: Replace with 3.5.13.

From: Ludovic Courtès
Subject: bug#27308: [PATCH] gnu: gnutls: Replace with 3.5.13.
Date: Sat, 10 Jun 2017 16:29:44 +0200
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/25.2 (gnu/linux) 
Hi Marius,

Marius Bakke <address@hidden> skribis:

> This update addresses the following security advisories:
>
> GNUTLS-SA-2017-3 (aka CVE-2017-7869) and GNUTLS-SA-2017-4.
>
> These links contain more information about the vulnerabilities and releases:
>
> https://gnutls.org/security.html
> https://gnutls.org/news.html
>
> * gnu/packages/patches/gnutls-skip-pkgconfig-test.patch,
> gnu/packages/patches/gnutls-skip-trust-store-test.patch: New files.
> * gnu/local.mk (dist_patch_DATA): Register patches.
> * gnu/packages/tls.scm (gnutls)[replacement]: New field.
> (gnutls-3.5.13): New variable.

Assuming binary compatibility, that looks good to me.

While you’re at it, could you update GnuTLS in ‘core-updates’?

For the trust-store.c test, we could ask upstream to arrange so that the
test is skipped when the trust store doesn’t exist; would the test still
make sense?

Thanks,
Ludo’.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]