pkgsrc-Changes archive


CVS commit: [pkgsrc-2026Q1] pkgsrc/security/gnutls



Module Name:    pkgsrc
Committed By:   maya
Date:           Thu May  7 22:32:20 UTC 2026

Modified Files:
        pkgsrc/security/gnutls [pkgsrc-2026Q1]: Makefile PLIST distinfo
            options.mk

Log Message:
Pullup ticket #7095 - requested by taca
security/gnutls: Security fix

Revisions pulled up:
- security/gnutls/Makefile                                      1.275
- security/gnutls/PLIST                                         1.85
- security/gnutls/distinfo                                      1.173
- security/gnutls/options.mk                                    1.9

---
   Module Name: pkgsrc
   Committed By:        wiz
   Date:                Thu Apr 30 05:33:43 UTC 2026

   Modified Files:
        pkgsrc/security/gnutls: Makefile PLIST distinfo options.mk

   Log Message:
   gnutls: update to 3.8.13.

   * Version 3.8.13 (released 2026-04-29)

   ** libgnutls: Add more checks to DTLS reassembly
      Previously, gnutls didn't check that DTLS fragments claimed
      a consistent message_length value.
      Additionally, a crucial array size check was missing,
      enabling an attacker to cause a heap overwrite.
      Reject fragments with mismatching length and add a missing boundary check.
      Independently reported by
      Haruto Kimura (Stella), Oscar Reparaz and Zou Dikai.
      [GNUTLS-SA-2026-04-29-1, CVSS: high] [CVE-2026-33846]

   ** libgnutls: Fix qsort comparator in DTLS reassembly
      The comparator function used for ordering DTLS packets
      by sequence numbers did not follow qsort comparator contracts
      in case of packets with duplicate sequence numbers,
      which could lead to unstable ordering or undefined behaviour.
      Returning 0 in such cases makes the sorting stable.
      Additionally, discard packets with same sequence numbers
      and differing handshake type,
      so that they don't end up being sorted in the first place.
      Reported by Joshua Rogers of AISLE Research Team.
      [GNUTLS-SA-2026-04-29-2, CVSS: high] [CVE-2026-42009]

   ** libgnutls: Fix crashing on an underflow with a DTLS datagram
      A remotely triggerable underflow in the DTLS reassembly code led to
      a heap overrun.
      Prevent the underflow from happening.
      Reported by Joshua Rogers of AISLE Research Team.
      [GNUTLS-SA-2026-04-29-3, CVSS: high] [CVE-2026-33845]

   ** libgnutls: Fix RSA-PSK identity truncation
      Servers configured with RSA-PSK have wrongfully matched usernames with NUL
      character in them to ones truncated to NUL character,
      which could lead to an authentication bypass.
      Fix the check to perform comparison up to the full username length.
      Reported by Joshua Rogers of AISLE Research Team.
      [GNUTLS-SA-2026-04-29-4, CVSS: high] [CVE-2026-42010]

   ** libgnutls: Fix case-sensitivity of domain name comparison in name constraints
      Domain name comparison during name constraints processing
      was case-sensitive, violating RFC 5280 section 7.2.
      For excluded name constraints, this could lead to
      incorrectly accepting domain names that should've been rejected.
      DNS name comparison and the domain part of email names
      now perform case-insensitive comparison.
      Independently reported by Oleh Konko (1seal) and
      Joshua Rogers of AISLE Research Team.
      [GNUTLS-SA-2026-04-29-5, CVSS: high] [CVE-2026-3833]

   ** libgnutls: Fix intersecting empty constraints
      Permitted name constraints were wrongfully ignored
      when prior CAs only had excluded name constraints,
      resulting in a name constraint bypass.
      Reported by Haruto Kimura (Stella).
      [GNUTLS-SA-2026-04-29-6, CVSS: medium] [CVE-2026-42011]

   ** libgnutls: Suppress CN fallback in presence of URI and SRV SAN
      Certificates containing URI or SRV Subject Alternative Names
      no longer fall back to checking DNS hostnames against Common Name
      to avoid potential misuse of such certificates
      beyond their original purpose.
      Reported by Oleh Konko (1seal).
      [GNUTLS-SA-2026-04-27-7, CVSS: medium] [CVE-2026-42012]

   ** libgnutls: Suppress CN fallback for oversized SAN
      Validation of certificates with oversized Subject Alternative Names
      no longer falls back to checking DNS hostnames against Common Name.
      Independently reported by Haruto Kimura (Stella) and
      Joshua Rogers of AISLE Research Team.
      [GNUTLS-SA-2026-04-27-8, CVSS: medium] [CVE-2026-42013]

   ** libgnutls: Fix use-after-free in gnutls_pkcs11_token_set_pin
      Changing the Security Officer PIN with gnutls_pkcs11_token_set_pin()
      with oldpin == NULL for a token lacking a protected authentication path
      led to a use-after-free.
      Reported by Luigino Camastra and Joshua Rogers of AISLE Research Team.
      [GNUTLS-SA-2026-04-29-9, CVSS: medium] [CVE-2026-42014]

   ** libgnutls: Fix overread in RSA key exchange with PKCS#11 keys
      For a server using an RSA key backed by a PKCS#11 token,
      a client sending an extremely short premaster secret
      during an RSA key exchange could trigger a short heap overread.
      Reported by Joshua Rogers of AISLE Research Team.
      [GNUTLS-SA-2026-04-29-10, CVSS: medium] [CVE-2026-5260]

   ** libgnutls: Fix off-by-one in PKCS#12 bag element bounds check
      Appending to a PKCS#12 bag that already contained 32 elements
      could write past the bag's internal array.
      Reported by Zou Dikai.
      [GNUTLS-SA-2026-04-29-11, CVSS: low] [CVE-2026-42015]

   ** libgnutls: Fix multi-entry OCSP response revocation bypass
      When validating a certificate against a multi-entry OCSP response,
      the revocation status was always checked for the first entry
      instead of the entry matching the certificate,
      which could lead to accepting revoked certificates.
      Independently reported by Oleh Konko (1seal) and
      Joshua Rogers of AISLE Research Team.
      [GNUTLS-SA-2026-04-29-12, CVSS: low] [CVE-2026-3832]

   ** libgnutls: Fix timing side-channel in PKCS#7 padding removal
      The PKCS#7 padding check performed during decryption was not constant-time,
      potentially leaking information about the padding bytes
      through timing differences.
      Rewritten to remove padding in a branch-free manner.
      Reported by Doria Tang of Stony Brook University.
      [GNUTLS-SA-2026-04-29-13, CVSS: low] [CVE-2026-5419]

   ** libgnutls: Fix PSK username comparison during rehandshake
      Rehandshaking to a username with embedded NUL character could theoretically
      allow bypassing the GNUTLS_ALLOW_ID_CHANGE protection (#1808).
      Reported and fixed by Joshua Rogers of AISLE Research Team.

   ** libgnutls: Fix OID length check for OCSP delegated signer EKU
      The OCSP signing EKU OID was compared without verifying its length,
      allowing a shorter OID that shares the same prefix to match.
      The check now verifies the length as well (#1810).
      Reported by Joshua Rogers of AISLE Research Team.

   ** libgnutls: Fix AES keys persisting with pkcs11-provider
      When using the pkcs11-provider, AES keys used for cipher operations
      were created as persistent objects and accumulating.
      They are now ephemeral (#1813).

   ** libgnutls: Fix missing RSA key coprimality check in verify_params
      gnutls_privkey_verify_params overlooked the scenario of p and q
      not being co-prime.
      It now returns GNUTLS_E_PK_INVALID_PRIVKEY in this case (#1818).
      Reported by Kamil Frankowicz.

   ** libgnutls: Fix overread when parsing OpenSSL PEM private keys
      Insufficient bounds checking on the PEM header length could lead
      to short heap overreads on specially crafted inputs (#1854).
      Independently reported by Kamil Frankowicz and
      Joshua Rogers of AISLE Research Team.

   ** libgnutls: Fix a theoretical double-free during certificate import
      If gnutls_x509_crt_list_import_pkcs11 failed partway through,
      the trust list cleanup code would try to free already-deinitialized
      certificate entries, leading to a double-free (#1819).
      Reported by Joshua Rogers of AISLE Research Team.

   ** libgnutls: Fix heap overread in SCT extension parser
      The list-length validation didn't account for the 2-byte length field,
      allowing a specially crafted SCT extension to cause
      a 2-byte overread past the buffer (#1822).
      Reported by Joshua Rogers of AISLE Research Team.

   ** libgnutls: Zeroize shared secret derived during hybrid key exchange
      The derived shared secret was not zeroized before being freed (#1841).
      Reported by liyue.

   ** build: Support building with Nettle 4.0
      Nettle 4.0 was released in February 2026, with API incompatible
      changes from 3.10. The library can now compile with it, while
      Nettle 3.10 is still supported (#1791).

   ** libgnutls: Support deriving ML-DSA public key from an expanded private key
      RFC 9881 defines 3 private key formats for ML-DSA: "seed",
      "expandedKey" and both. It is now possible to derive a public key
      from a private key in the "expandedKey" format (#1723).

   ** libgnutls: Fix loading BIT STRING encoded EdDSA key from PKCS#11
      For compatibility reasons, the library supports two formats for
      EdDSA private keys: either ASN.1 BIT STRING (raw) or OCTET STRING
      (DER). Previously, loading a private key in the former format
      resulted in a failure, which is now fixed (#1749).

   ** libgnutls: HPKE (RFC 9180) is now supported as a technology preview
      The Hybrid Public Key Encryption (HPKE) is a flexible cryptographic
      protocol which enables to encrypt arbitrary data to a recipient, by
      combining key encapsulation mechanism (KEM) and authenticated
      encryption with additional data (AEAD). GnuTLS now includes the
      implementation contributed by David Dudas. Given this is a
      technology preview, the implementation and the API might suffer
      modification in the following period. Use --enable-hpke to turn on
      this feature (#1506).

   ** libgnutls: Fix TLS 1.3 client certificate selection
      For servers that send a signature_algorithms extension in CertificateRequest
      with new rsa_pss_rsae_* algorithms and without the legacy rsa_pkcs1_* ones,
      the client now properly considers RSA when selecting a certificate to send.
      This fixes TLS 1.3 interoperability with newer Java servers
      when using client certificates.
      Contributed by Romain Tartière (#1842).

   ** libgnutls: Fix kTLS ChaCha20-Poly1305 IV for TLS 1.2
      When using kTLS with ChaCha20-Poly1305 under TLS 1.2,
      an incorrect value was passed as the IV to the kernel,
      causing connections to fail early.

   ** libgnutls: Allow fetching object type metadata for PKCS#11 keys
      A new library function, gnutls_pkcs11_obj_get_pk_algorithm,
      has been added to check the public key algorithms of PKCS#11 key objects.
      Object types other than CKO_PRIVATE_KEY are currently not supported.
      Contributed by Ghadi Elie Rahme (!2074).

   ** API and ABI modifications:
   gnutls_hpke_kem_t: New enum
   gnutls_hpke_kdf_t: New enum
   gnutls_hpke_aead_t: New enum
   gnutls_hpke_mode_t: New enum
   gnutls_hpke_role_t: New enum
   gnutls_hpke_context_st: New context structure
   gnutls_hpke_init: New function
   gnutls_hpke_deinit: New function
   gnutls_hpke_encap: New function
   gnutls_hpke_seal: New function
   gnutls_hpke_decap: New function
   gnutls_hpke_open: New function
   gnutls_hpke_derive_keypair: New function
   gnutls_hpke_export: New function
   gnutls_pkcs11_obj_get_pk_algorithm: New function
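
The RSA-PSK identity truncation, PSK username rehandshake and OCSP EKU OID length entries in the log above all come down to comparing length-carrying data without honouring its length. The C sketch below is an added example, not GnuTLS code: `struct blob`, the function names and the sample values are hypothetical, and showing the OID in dotted-string form is an assumption.

```c
#include <stdio.h>
#include <string.h>

/* Length-carrying byte string; the type and function names below are
 * hypothetical and are not GnuTLS API. */
struct blob { const unsigned char *data; size_t size; };

/* Flawed pattern 1: treats the identity as a C string, so comparison stops
 * at the first NUL and a longer identity matches its truncated form. */
static int id_equal_cstr(const struct blob *wire, const char *stored)
{
    return strcmp((const char *)wire->data, stored) == 0;
}

/* Flawed pattern 2: compares only the bytes the input supplies, so any
 * shorter prefix of the expected value matches. */
static int blob_equal_prefix(const struct blob *in, const struct blob *want)
{
    return in->size <= want->size &&
           memcmp(in->data, want->data, in->size) == 0;
}

/* Corrected: sizes must agree, then all bytes (embedded NULs included)
 * are compared. */
static int blob_equal(const struct blob *in, const struct blob *want)
{
    return in->size == want->size &&
           memcmp(in->data, want->data, want->size) == 0;
}

/* Constructed samples: an identity with an embedded NUL, and the dotted
 * form of the OCSP-signing EKU OID next to a shorter prefix of it. */
static const struct blob WIRE_ID = { (const unsigned char *)"admin\0x", 7 };
static const struct blob STORED_ID = { (const unsigned char *)"admin", 5 };
static const struct blob OCSP_EKU = { (const unsigned char *)"1.3.6.1.5.5.7.3.9", 17 };
static const struct blob SHORT_OID = { (const unsigned char *)"1.3.6.1.5.5.7.3", 15 };

int main(void)
{
    printf("cstr compare accepts NUL-extended id: %d\n",
           id_equal_cstr(&WIRE_ID, "admin"));
    printf("prefix compare accepts short OID:     %d\n",
           blob_equal_prefix(&SHORT_OID, &OCSP_EKU));
    printf("length-aware compare accepts either:  %d\n",
           blob_equal(&WIRE_ID, &STORED_ID) || blob_equal(&SHORT_OID, &OCSP_EKU));
    return 0;
}
```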

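For the qsort comparator entry in the DTLS reassembly notes above, this added C example (not GnuTLS code) contrasts a comparator that never returns 0 with a contract-conforming one, and filters conflicting duplicates before sorting. `struct frag`, the function names, the exact form of the flawed comparator and the keep-the-first-arrival policy are assumptions.

```c
#include <stdlib.h>

/* Hypothetical record for a buffered DTLS handshake fragment. */
struct frag { unsigned seq; unsigned htype; };

/* Flawed (one possible form): never returns 0 for equal seq. */
static int cmp_flawed(const void *a, const void *b)
{
    const struct frag *x = a, *y = b;
    return x->seq < y->seq ? -1 : 1;
}

/* Corrected: consistent three-way result, 0 for equal sequence numbers. */
static int cmp_fixed(const void *a, const void *b)
{
    const struct frag *x = a, *y = b;
    return (x->seq > y->seq) - (x->seq < y->seq);
}

/* Contract check: sign(cmp(a,b)) must equal -sign(cmp(b,a)). */
static int is_antisymmetric(int (*cmp)(const void *, const void *),
                            const struct frag *a, const struct frag *b)
{
    int ab = cmp(a, b), ba = cmp(b, a);
    return ((ab > 0) - (ab < 0)) == -((ba > 0) - (ba < 0));
}

/* Refuse a seq already buffered with a different handshake type. */
static size_t admit(struct frag *buf, size_t n, size_t cap, struct frag f)
{
    for (size_t i = 0; i < n; i++)
        if (buf[i].seq == f.seq && buf[i].htype != f.htype)
            return n;
    if (n < cap)
        buf[n++] = f;
    return n;
}

/* Constructed input: seq 2 arrives twice with conflicting types. */
static const struct frag INPUT[] = { {3, 11}, {2, 1}, {2, 14}, {1, 1} };
static struct frag BUF[8];

static size_t demo(void)   /* admit, then sort with the fixed comparator */
{
    size_t n = 0;
    for (size_t i = 0; i < sizeof INPUT / sizeof INPUT[0]; i++)
        n = admit(BUF, n, 8, INPUT[i]);
    qsort(BUF, n, sizeof BUF[0], cmp_fixed);
    return n;
}
int main(void) { return demo() == 3 ? 0 : 1; }
```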

To generate a diff of this commit:
cvs rdiff -u -r1.274 -r1.274.2.1 pkgsrc/security/gnutls/Makefile
cvs rdiff -u -r1.84 -r1.84.4.1 pkgsrc/security/gnutls/PLIST
cvs rdiff -u -r1.172 -r1.172.2.1 pkgsrc/security/gnutls/distinfo
cvs rdiff -u -r1.8 -r1.8.2.1 pkgsrc/security/gnutls/options.mk

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/security/gnutls/Makefile
diff -u pkgsrc/security/gnutls/Makefile:1.274 pkgsrc/security/gnutls/Makefile:1.274.2.1
--- pkgsrc/security/gnutls/Makefile:1.274       Mon Feb  9 19:35:36 2026
+++ pkgsrc/security/gnutls/Makefile     Thu May  7 22:32:20 2026
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.274 2026/02/09 19:35:36 adam Exp $
+# $NetBSD: Makefile,v 1.274.2.1 2026/05/07 22:32:20 maya Exp $
 
-DISTNAME=      gnutls-3.8.12
+DISTNAME=      gnutls-3.8.13
 CATEGORIES=    security devel
 MASTER_SITES=  ${MASTER_SITE_GNUPG:=gnutls/v${PKGVERSION_NOREV:R}/}
 EXTRACT_SUFX=  .tar.xz
@@ -36,8 +36,8 @@ CONFIGURE_ARGS.FreeBSD+=      ac_cv_type_max_
 
 .include "options.mk"
 
-# Failures on NetBSD 11 as of 3.8.11:
-# test-parse-datetime, test-realloc-posix
+# Failures on NetBSD 11 as of 3.8.13:
+# test-parse-datetime
 TEST_TARGET=           check
 
 INFO_FILES=            yes
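
Review bot: The updated comment ("Failures on NetBSD 11 as of 3.8.13: test-parse-datetime") records a still-failing test without a cause or a tracking reference. Add a PR or upstream issue number next to it so that whoever does the next update can tell a known failure from a regression in the new release.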

Index: pkgsrc/security/gnutls/PLIST
diff -u pkgsrc/security/gnutls/PLIST:1.84 pkgsrc/security/gnutls/PLIST:1.84.4.1
--- pkgsrc/security/gnutls/PLIST:1.84   Thu Nov 20 20:55:29 2025
+++ pkgsrc/security/gnutls/PLIST        Thu May  7 22:32:20 2026
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.84 2025/11/20 20:55:29 wiz Exp $
+@comment $NetBSD: PLIST,v 1.84.4.1 2026/05/07 22:32:20 maya Exp $
 bin/certtool
 bin/gnutls-cli
 bin/gnutls-cli-debug
@@ -12,6 +12,7 @@ include/gnutls/crypto.h
 include/gnutls/dtls.h
 include/gnutls/gnutls.h
 include/gnutls/gnutlsxx.h
+include/gnutls/hpke.h
 include/gnutls/ocsp.h
 include/gnutls/openpgp.h
 include/gnutls/pkcs11.h
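
Review bot: include/gnutls/hpke.h is added unconditionally here, while the 3.8.13 release notes in the log describe HPKE as a technology preview turned on with --enable-hpke, and neither the Makefile nor the options.mk hunks add that flag. Please confirm that the header (and the gnutls_hpke_*.3 pages added in the next hunk) are installed by a default build; if they only appear with the feature enabled, they need a PLIST variable tied to an option.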
@@ -346,6 +347,14 @@ man/man3/gnutls_hmac_get_len.3
 man/man3/gnutls_hmac_init.3
 man/man3/gnutls_hmac_output.3
 man/man3/gnutls_hmac_set_nonce.3
+man/man3/gnutls_hpke_decap.3
+man/man3/gnutls_hpke_deinit.3
+man/man3/gnutls_hpke_derive_keypair.3
+man/man3/gnutls_hpke_encap.3
+man/man3/gnutls_hpke_export.3
+man/man3/gnutls_hpke_init.3
+man/man3/gnutls_hpke_open.3
+man/man3/gnutls_hpke_seal.3
 man/man3/gnutls_idna_map.3
 man/man3/gnutls_idna_reverse_map.3
 man/man3/gnutls_init.3
@@ -465,6 +474,7 @@ man/man3/gnutls_pkcs11_obj_flags_get_str
 man/man3/gnutls_pkcs11_obj_get_exts.3
 man/man3/gnutls_pkcs11_obj_get_flags.3
 man/man3/gnutls_pkcs11_obj_get_info.3
+man/man3/gnutls_pkcs11_obj_get_pk_algorithm.3
 man/man3/gnutls_pkcs11_obj_get_ptr.3
 man/man3/gnutls_pkcs11_obj_get_type.3
 man/man3/gnutls_pkcs11_obj_import_url.3

Index: pkgsrc/security/gnutls/distinfo
diff -u pkgsrc/security/gnutls/distinfo:1.172 pkgsrc/security/gnutls/distinfo:1.172.2.1
--- pkgsrc/security/gnutls/distinfo:1.172       Thu Mar 19 17:29:37 2026
+++ pkgsrc/security/gnutls/distinfo     Thu May  7 22:32:20 2026
@@ -1,8 +1,8 @@
-$NetBSD: distinfo,v 1.172 2026/03/19 17:29:37 jperkin Exp $
+$NetBSD: distinfo,v 1.172.2.1 2026/05/07 22:32:20 maya Exp $
 
-BLAKE2s (gnutls-3.8.12.tar.xz) = 9955320f8dff9824a2a33c46533b0d889a3d8336de4b6fb02f92a49187f2b072
-SHA512 (gnutls-3.8.12.tar.xz) = 332a8e5200461517c7f08515e3aaab0bec6222747422e33e9e7d25d35613e3d0695a803fce226bd6a83f723054f551328bd99dcf0573e142be777dcf358e1a3b
-Size (gnutls-3.8.12.tar.xz) = 6949604 bytes
+BLAKE2s (gnutls-3.8.13.tar.xz) = 8b5813133f08bd3014e84efda901eaa67c2edd5b2b93809675a9c5e0cec7c634
+SHA512 (gnutls-3.8.13.tar.xz) = 71bf189a836fd18d58b9e995d4bfcecdb0aae6129dfd44247b98422b2f127dd868f9905d28fad2ca05afd919a0e6b3c8eebb6b95804067d3a8dab31ebdc72453
+Size (gnutls-3.8.13.tar.xz) = 7275324 bytes
 SHA1 (patch-configure) = 866d8a365b8338348230e47518788f494279b139
 SHA1 (patch-doc_examples_tlsproxy_tlsproxy.c) = 5062df3a73e69abca25710d016b949eef62af453
 SHA1 (patch-lib_crau_crau.h) = 751202b8eab1ef903faba6fc4281e75f1d394a66

Index: pkgsrc/security/gnutls/options.mk
diff -u pkgsrc/security/gnutls/options.mk:1.8 pkgsrc/security/gnutls/options.mk:1.8.2.1
--- pkgsrc/security/gnutls/options.mk:1.8       Mon Feb  9 19:35:36 2026
+++ pkgsrc/security/gnutls/options.mk   Thu May  7 22:32:20 2026
@@ -1,4 +1,4 @@
-# $NetBSD: options.mk,v 1.8 2026/02/09 19:35:36 adam Exp $
+# $NetBSD: options.mk,v 1.8.2.1 2026/05/07 22:32:20 maya Exp $
 
 PKG_OPTIONS_VAR=       PKG_OPTIONS.gnutls
 PKG_SUPPORTED_OPTIONS= brotli dane pkcs11 zstd
@@ -18,6 +18,7 @@ PLIST_VARS+=  pkcs11
 .if !empty(PKG_OPTIONS:Mpkcs11)
 PLIST.pkcs11=  yes
 BUILDLINK_API_DEPENDS.p11-kit+=        p11-kit>=0.23.1
+PRINT_PLIST_AWK+=      { gsub(/^bin\/p11tool/, "$${PLIST.pkcs11}&"); }
 .include "../../security/p11-kit/buildlink3.mk"
 .else
 CONFIGURE_ARGS+=       --without-p11-kit
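
Review bot: The added PRINT_PLIST_AWK line is a packaging change beyond the version bump and is not mentioned in the log message; a one-line note there would make the pullup easier to audit. The pattern /^bin\/p11tool/ also has no end anchor, so it tags any PLIST entry that merely starts with bin/p11tool; anchoring the end of the pattern keeps it to the one binary.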


