CVS commit: pkgsrc/security/gnutls

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/security/gnutls
From: "Thomas Klausner" <wiz%netbsd.org@localhost>
Date: Sun, 14 Mar 2021 07:58:21 +0000

Module Name:    pkgsrc
Committed By:   wiz
Date:           Sun Mar 14 07:58:21 UTC 2021

Modified Files:
        pkgsrc/security/gnutls: Makefile distinfo

Log Message:
gnutls: update to 3.7.1.

* Version 3.7.1 (released 2021-03-10)

** libgnutls: Fixed potential use-after-free in sending "key_share"
   and "pre_shared_key" extensions. When sending those extensions, the
   client may dereference a pointer no longer valid after
   realloc. This happens only when the client sends a large Client
   Hello message, e.g., when HRR is sent in a resumed session
   previously negotiated large FFDHE parameters, because the initial
   allocation of the buffer is large enough without having to call
   realloc (#1151).  [GNUTLS-SA-2021-03-10, CVSS: low]

** libgnutls: Fixed a regression in handling duplicated certs in a
   chain (#1131).

** libgnutls: Fixed sending of session ID in TLS 1.3 middlebox
   compatibiltiy mode. In that mode the client shall always send a
   non-zero session ID to make the handshake resemble the TLS 1.2
   resumption; this was not true in the previous versions (#1074).

** libgnutls: W32 performance improvement with a new sendmsg()-like
   transport implementation (!1377).

** libgnutls: Removed dependency on the external 'fipscheck' package,
   when compiled with --enable-fips140-mode (#1101).

** libgnutls: Added padlock acceleration for AES-192-CBC (#1004).


To generate a diff of this commit:
cvs rdiff -u -r1.218 -r1.219 pkgsrc/security/gnutls/Makefile
cvs rdiff -u -r1.146 -r1.147 pkgsrc/security/gnutls/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/security/gnutls/Makefile
diff -u pkgsrc/security/gnutls/Makefile:1.218 pkgsrc/security/gnutls/Makefile:1.219
--- pkgsrc/security/gnutls/Makefile:1.218       Thu Dec  3 12:27:38 2020
+++ pkgsrc/security/gnutls/Makefile     Sun Mar 14 07:58:20 2021
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.218 2020/12/03 12:27:38 nia Exp $
+# $NetBSD: Makefile,v 1.219 2021/03/14 07:58:20 wiz Exp $
 
-DISTNAME=      gnutls-3.7.0
+DISTNAME=      gnutls-3.7.1
 CATEGORIES=    security devel
 MASTER_SITES=  https://www.gnupg.org/ftp/gcrypt/gnutls/v${PKGVERSION_NOREV:R}/
 EXTRACT_SUFX=  .tar.xz
@@ -33,18 +33,16 @@ CONFIGURE_ARGS.FreeBSD+=    ac_cv_type_max_
 
 .include "options.mk"
 
+# one failure as of 3.7.1
+# https://gitlab.com/gnutls/gnutls/-/issues/1190
 TEST_TARGET=           check
 
 INFO_FILES=            yes
 
-REPLACE_BASH+=         tests/cert-tests/certtool
 REPLACE_BASH+=         tests/danetool.sh
 REPLACE_BASH+=         tests/fastopen.sh
 REPLACE_BASH+=         tests/gnutls-cli-debug.sh
-REPLACE_BASH+=         tests/ocsp-tests/ocsp-must-staple-connection
-REPLACE_BASH+=         tests/ocsp-tests/ocsp-tls-connection
 REPLACE_BASH+=         tests/starttls.sh
-REPLACE_BASH+=         tests/cert-tests/pkcs12-utf8
 
 REPLACE_PERL+=         doc/scripts/gdoc doc/scripts/sort2.pl
 

Index: pkgsrc/security/gnutls/distinfo
diff -u pkgsrc/security/gnutls/distinfo:1.146 pkgsrc/security/gnutls/distinfo:1.147
--- pkgsrc/security/gnutls/distinfo:1.146       Thu Dec  3 12:27:38 2020
+++ pkgsrc/security/gnutls/distinfo     Sun Mar 14 07:58:20 2021
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.146 2020/12/03 12:27:38 nia Exp $
+$NetBSD: distinfo,v 1.147 2021/03/14 07:58:20 wiz Exp $
 
-SHA1 (gnutls-3.7.0.tar.xz) = d535ebe4ae157fb79dbc34a2cf17b5173906ea0e
-RMD160 (gnutls-3.7.0.tar.xz) = 764391c259d604a0267bb673649738bc3a495507
-SHA512 (gnutls-3.7.0.tar.xz) = 5cf1025f2d0a0cbf5a83dd7f3b22dafd1769f7c3349096c0272d08573bb5ff87f510e0e69b4bbb47dad1b64476aa5479804b2f4ceb2216cd747bbc53bf42d885
-Size (gnutls-3.7.0.tar.xz) = 6129176 bytes
+SHA1 (gnutls-3.7.1.tar.xz) = 5de5d25534ee5910ea9ee6aaeeb6af1af4350c1e
+RMD160 (gnutls-3.7.1.tar.xz) = 134c7cbe291cb640afa834daa91ba087b9d9966f
+SHA512 (gnutls-3.7.1.tar.xz) = 0fe801f03676c3bd970387f94578c8be7ba6030904989e7d21dffdc726209bab44c8096fbcb6d51fed2de239537bd00df2338ee9c8d984a1c386826b91062a95
+Size (gnutls-3.7.1.tar.xz) = 6038388 bytes
 SHA1 (patch-configure) = 3653f74914f874aa369f62c8b267a46fd6b78eaa
 SHA1 (patch-lib_system_certs.c) = fba74b2834a36d66bddcd7d3405d0c91c1b14efc
 SHA1 (patch-src_libopts_autoopts_options.h) = ebeeafc834bce3b6b3f938e360b089e165ee4f9e

Prev by Date: CVS commit: pkgsrc/doc
Next by Date: CVS commit: pkgsrc/doc
Previous by Thread: CVS commit: pkgsrc/doc
Next by Thread: CVS commit: pkgsrc/doc
Indexes:

Home | Main Index | Thread Index | Old Index