All of lore.kernel.org
 help / color / mirror / Atom feed
* [Buildroot] [git commit branch/2021.02.x] package/gnutls: security bump to version 3.7.1
@ 2021-04-04 19:08 Peter Korsgaard
  0 siblings, 0 replies; only message in thread
From: Peter Korsgaard @ 2021-04-04 19:08 UTC (permalink / raw)
  To: buildroot

commit: https://git.buildroot.net/buildroot/commit/?id=92d0d6db66fd0643e2b91b058f78222c87db2adc
branch: https://git.buildroot.net/buildroot/commit/?id=refs/heads/2021.02.x

- Fix CVE-2021-20231 and CVE-2021-20232:
  https://www.gnutls.org/security-new.html#GNUTLS-SA-2021-03-10
- Drop patch (not needed since:
  https://git.savannah.gnu.org/cgit/gnulib.git/commit/?id=b2d4b6c87827e34a694278d085a31508af052a37)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit ce978e0a671995c659b25b4e6441234e5c7a7a0c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
---
 ...0001-Fix-gnulib-stdio.h-include-on-uclibc.patch | 49 ----------------------
 package/gnutls/gnutls.hash                         |  4 +-
 package/gnutls/gnutls.mk                           |  4 +-
 3 files changed, 4 insertions(+), 53 deletions(-)

diff --git a/package/gnutls/0001-Fix-gnulib-stdio.h-include-on-uclibc.patch b/package/gnutls/0001-Fix-gnulib-stdio.h-include-on-uclibc.patch
deleted file mode 100644
index 758e7cca73..0000000000
--- a/package/gnutls/0001-Fix-gnulib-stdio.h-include-on-uclibc.patch
+++ /dev/null
@@ -1,49 +0,0 @@
-From 60fa934ffba3c230040328fdbbbf51f417f12871 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Stefan=20S=C3=B8rensen?= <stefan.sorensen@spectralink.com>
-Date: Mon, 22 Jun 2020 14:11:05 +0200
-Subject: [PATCH] Fix gnulib stdio.h include on uclibc
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-The __need_FILE define used by gnulib interferes with the uClibc stdio.h
-header, so move the inclusion the stdio.h to after __need_FILE has been
-undefined again.
-
-Signed-off-by: Stefan S??rensen <stefan.sorensen@spectralink.com>
----
- gl/fopen.c     | 2 +-
- src/gl/fopen.c | 2 +-
- 2 files changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/gl/fopen.c b/gl/fopen.c
-index 8d6625a..248692c 100644
---- a/gl/fopen.c
-+++ b/gl/fopen.c
-@@ -23,8 +23,8 @@
- #include <config.h>
- 
- /* Get the original definition of fopen.  It might be defined as a macro.  */
--#include <stdio.h>
- #undef __need_FILE
-+#include <stdio.h>
- 
- static FILE *
- orig_fopen (const char *filename, const char *mode)
-diff --git a/src/gl/fopen.c b/src/gl/fopen.c
-index 47d7f19..1f22f4f 100644
---- a/src/gl/fopen.c
-+++ b/src/gl/fopen.c
-@@ -23,8 +23,8 @@
- #include <config.h>
- 
- /* Get the original definition of fopen.  It might be defined as a macro.  */
--#include <stdio.h>
- #undef __need_FILE
-+#include <stdio.h>
- 
- static FILE *
- orig_fopen (const char *filename, const char *mode)
--- 
-2.25.4
-
diff --git a/package/gnutls/gnutls.hash b/package/gnutls/gnutls.hash
index c360a56f93..0788a7a6f0 100644
--- a/package/gnutls/gnutls.hash
+++ b/package/gnutls/gnutls.hash
@@ -1,6 +1,6 @@
 # Locally calculated after checking pgp signature
-# https://www.gnupg.org/ftp/gcrypt/gnutls/v3.6/gnutls-3.6.15.tar.xz.sig
-sha256  0ea8c3283de8d8335d7ae338ef27c53a916f15f382753b174c18b45ffd481558  gnutls-3.6.15.tar.xz
+# https://www.gnupg.org/ftp/gcrypt/gnutls/v3.7/gnutls-3.7.1.tar.xz.sig
+sha256  3777d7963eca5e06eb315686163b7b3f5045e2baac5e54e038ace9835e5cac6f  gnutls-3.7.1.tar.xz
 # Locally calculated
 sha256  e79e9c8a0c85d735ff98185918ec94ed7d175efc377012787aebcf3b80f0d90b  doc/COPYING
 sha256  6095e9ffa777dd22839f7801aa845b31c9ed07f3d6bf8a26dc5d2dec8ccc0ef3  doc/COPYING.LESSER
diff --git a/package/gnutls/gnutls.mk b/package/gnutls/gnutls.mk
index cf2dedb590..14855bcebc 100644
--- a/package/gnutls/gnutls.mk
+++ b/package/gnutls/gnutls.mk
@@ -4,8 +4,8 @@
 #
 ################################################################################
 
-GNUTLS_VERSION_MAJOR = 3.6
-GNUTLS_VERSION = $(GNUTLS_VERSION_MAJOR).15
+GNUTLS_VERSION_MAJOR = 3.7
+GNUTLS_VERSION = $(GNUTLS_VERSION_MAJOR).1
 GNUTLS_SOURCE = gnutls-$(GNUTLS_VERSION).tar.xz
 GNUTLS_SITE = https://www.gnupg.org/ftp/gcrypt/gnutls/v$(GNUTLS_VERSION_MAJOR)
 GNUTLS_LICENSE = LGPL-2.1+ (core library)

^ permalink raw reply related	[flat|nested] only message in thread
only message in thread, other threads:[~2021-04-04 19:08 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-04-04 19:08 [Buildroot] [git commit branch/2021.02.x] package/gnutls: security bump to version 3.7.1 Peter Korsgaard

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.