* [Buildroot] [PATCH 1/2] gnutls: security bump to version 3.5.13
@ 2017-06-14 18:18 Baruch Siach
2017-06-14 18:18 ` [Buildroot] [PATCH 2/2] gnutls: switch to https download location Baruch Siach
` (2 more replies)
0 siblings, 3 replies; 5+ messages in thread
From: Baruch Siach @ 2017-06-14 18:18 UTC (permalink / raw)
To: buildroot
Fixes CVE-2017-7507: decoding a status request TLS extension that has a
non-empty responder IDs list could lead to a crash due to a null pointer
dereference.
https://lists.gnupg.org/pipermail/gnutls-devel/2017-June/008446.html
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
---
package/gnutls/gnutls.hash | 2 +-
package/gnutls/gnutls.mk | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/package/gnutls/gnutls.hash b/package/gnutls/gnutls.hash
index 8e2469a5bdfb..f699716801c9 100644
--- a/package/gnutls/gnutls.hash
+++ b/package/gnutls/gnutls.hash
@@ -1,2 +1,2 @@
# Locally calculated after checking pgp signature
-sha256 63cb39a5eaa029381df2e49a74cfb7be89fc4a592445191818ffe1e66bde57cb gnutls-3.5.12.tar.xz
+sha256 79f5480ad198dad5bc78e075f4a40c4a315a1b2072666919d2d05a08aec13096 gnutls-3.5.13.tar.xz
diff --git a/package/gnutls/gnutls.mk b/package/gnutls/gnutls.mk
index c192469f9ea4..3c76c30af888 100644
--- a/package/gnutls/gnutls.mk
+++ b/package/gnutls/gnutls.mk
@@ -5,7 +5,7 @@
################################################################################
GNUTLS_VERSION_MAJOR = 3.5
-GNUTLS_VERSION = $(GNUTLS_VERSION_MAJOR).12
+GNUTLS_VERSION = $(GNUTLS_VERSION_MAJOR).13
GNUTLS_SOURCE = gnutls-$(GNUTLS_VERSION).tar.xz
GNUTLS_SITE = ftp://ftp.gnutls.org/gcrypt/gnutls/v$(GNUTLS_VERSION_MAJOR)
GNUTLS_LICENSE = LGPL-2.1+ (core library), GPL-3.0+ (gnutls-openssl library)
--
2.11.0
^ permalink raw reply related [flat|nested] 5+ messages in thread
* [Buildroot] [PATCH 2/2] gnutls: switch to https download location
2017-06-14 18:18 [Buildroot] [PATCH 1/2] gnutls: security bump to version 3.5.13 Baruch Siach
@ 2017-06-14 18:18 ` Baruch Siach
2017-06-14 19:26 ` Peter Korsgaard
2017-06-14 19:25 ` [Buildroot] [PATCH 1/2] gnutls: security bump to version 3.5.13 Peter Korsgaard
2017-06-14 19:51 ` Peter Korsgaard
2 siblings, 1 reply; 5+ messages in thread
From: Baruch Siach @ 2017-06-14 18:18 UTC (permalink / raw)
To: buildroot
HTTPS works better behind a certain corporate firewalls.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
---
package/gnutls/gnutls.mk | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/package/gnutls/gnutls.mk b/package/gnutls/gnutls.mk
index 3c76c30af888..fa92a887f0c8 100644
--- a/package/gnutls/gnutls.mk
+++ b/package/gnutls/gnutls.mk
@@ -7,7 +7,7 @@
GNUTLS_VERSION_MAJOR = 3.5
GNUTLS_VERSION = $(GNUTLS_VERSION_MAJOR).13
GNUTLS_SOURCE = gnutls-$(GNUTLS_VERSION).tar.xz
-GNUTLS_SITE = ftp://ftp.gnutls.org/gcrypt/gnutls/v$(GNUTLS_VERSION_MAJOR)
+GNUTLS_SITE = https://www.gnupg.org/ftp/gcrypt/gnutls/v$(GNUTLS_VERSION_MAJOR)
GNUTLS_LICENSE = LGPL-2.1+ (core library), GPL-3.0+ (gnutls-openssl library)
GNUTLS_LICENSE_FILES = doc/COPYING doc/COPYING.LESSER
GNUTLS_DEPENDENCIES = host-pkgconf libunistring libtasn1 nettle pcre
--
2.11.0
^ permalink raw reply related [flat|nested] 5+ messages in thread
* [Buildroot] [PATCH 1/2] gnutls: security bump to version 3.5.13
2017-06-14 18:18 [Buildroot] [PATCH 1/2] gnutls: security bump to version 3.5.13 Baruch Siach
2017-06-14 18:18 ` [Buildroot] [PATCH 2/2] gnutls: switch to https download location Baruch Siach
@ 2017-06-14 19:25 ` Peter Korsgaard
2017-06-14 19:51 ` Peter Korsgaard
2 siblings, 0 replies; 5+ messages in thread
From: Peter Korsgaard @ 2017-06-14 19:25 UTC (permalink / raw)
To: buildroot
>>>>> "Baruch" == Baruch Siach <baruch@tkos.co.il> writes:
> Fixes CVE-2017-7507: decoding a status request TLS extension that has a
> non-empty responder IDs list could lead to a crash due to a null pointer
> dereference.
> https://lists.gnupg.org/pipermail/gnutls-devel/2017-June/008446.html
> Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Committed, thanks.
--
Bye, Peter Korsgaard
^ permalink raw reply [flat|nested] 5+ messages in thread
* [Buildroot] [PATCH 2/2] gnutls: switch to https download location
2017-06-14 18:18 ` [Buildroot] [PATCH 2/2] gnutls: switch to https download location Baruch Siach
@ 2017-06-14 19:26 ` Peter Korsgaard
0 siblings, 0 replies; 5+ messages in thread
From: Peter Korsgaard @ 2017-06-14 19:26 UTC (permalink / raw)
To: buildroot
>>>>> "Baruch" == Baruch Siach <baruch@tkos.co.il> writes:
> HTTPS works better behind a certain corporate firewalls.
s/behind a/behind/
Committed with that fixed, thanks.
--
Bye, Peter Korsgaard
^ permalink raw reply [flat|nested] 5+ messages in thread
* [Buildroot] [PATCH 1/2] gnutls: security bump to version 3.5.13
2017-06-14 18:18 [Buildroot] [PATCH 1/2] gnutls: security bump to version 3.5.13 Baruch Siach
2017-06-14 18:18 ` [Buildroot] [PATCH 2/2] gnutls: switch to https download location Baruch Siach
2017-06-14 19:25 ` [Buildroot] [PATCH 1/2] gnutls: security bump to version 3.5.13 Peter Korsgaard
@ 2017-06-14 19:51 ` Peter Korsgaard
2 siblings, 0 replies; 5+ messages in thread
From: Peter Korsgaard @ 2017-06-14 19:51 UTC (permalink / raw)
To: buildroot
>>>>> "Baruch" == Baruch Siach <baruch@tkos.co.il> writes:
> Fixes CVE-2017-7507: decoding a status request TLS extension that has a
> non-empty responder IDs list could lead to a crash due to a null pointer
> dereference.
> https://lists.gnupg.org/pipermail/gnutls-devel/2017-June/008446.html
> Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Committed both to 2017.02.x and 2017.05.x, thanks.
--
Bye, Peter Korsgaard
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2017-06-14 19:51 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-06-14 18:18 [Buildroot] [PATCH 1/2] gnutls: security bump to version 3.5.13 Baruch Siach
2017-06-14 18:18 ` [Buildroot] [PATCH 2/2] gnutls: switch to https download location Baruch Siach
2017-06-14 19:26 ` Peter Korsgaard
2017-06-14 19:25 ` [Buildroot] [PATCH 1/2] gnutls: security bump to version 3.5.13 Peter Korsgaard
2017-06-14 19:51 ` Peter Korsgaard
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.