From 954dcc16c6c5c1c7513b180bcf1e7704b7e3f707 Mon Sep 17 00:00:00 2001 From: Max Rees Date: Tue, 2 Jun 2020 19:54:29 -0500 Subject: user/gnutls: [CVE] bump to 3.6.14 (#254) --- user/gnutls/APKBUILD | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) (limited to 'user/gnutls/APKBUILD') diff --git a/user/gnutls/APKBUILD b/user/gnutls/APKBUILD index 616793f57..e75b1d552 100644 --- a/user/gnutls/APKBUILD +++ b/user/gnutls/APKBUILD @@ -2,12 +2,11 @@ # Contributor: Michael Mason # Maintainer: pkgname=gnutls -pkgver=3.6.11.1 +pkgver=3.6.14 pkgrel=0 pkgdesc="A TLS protocol implementation" -url="http://www.gnutls.org/" +url="https://www.gnutls.org/" arch="all" -options="!check" # https://gitlab.com/gnutls/gnutls/issues/560 license="LGPL-2.1+" makedepends="libtasn1-dev libunistring-dev nettle-dev p11-kit-dev texinfo unbound-dev cmd:which zlib-dev" @@ -23,11 +22,16 @@ case $pkgver in ;; esac source="https://www.gnupg.org/ftp/gcrypt/gnutls/v${_v}/$pkgname-$pkgver.tar.xz - gnulib-tests-dont-require-gpg-passphrase.patch" + gnulib-tests-dont-require-gpg-passphrase.patch + disable-certtool-test.patch + " # secfixes: # 3.5.13-r0: # - CVE-2017-7507 +# 3.6.14-r0: +# - CVE-2020-11501 +# - CVE-2020-13777 build() { LIBS="-lgmp" ./configure \ @@ -79,5 +83,6 @@ xx() { mv "$pkgdir"/usr/lib/lib*xx.so.* "$subpkgdir"/usr/lib/ } -sha512sums="55fbbf0ebc824fbc91ccd08d1708452c5b1c12af75e332f29414540eb2f81337fa605a693ce9f34319a927e9d71177e6e7ffea5c6747792d341fb740f68c9489 gnutls-3.6.11.1.tar.xz -abc24ee59cc67805fe953535b0bae33080fc8b0bf788304377f6d10ec8c162c4cf203a69c98a4ba3483b4c60ed7a204433cc7db9b8190eddb0d68f6fb6dad52d gnulib-tests-dont-require-gpg-passphrase.patch" +sha512sums="b2d427b5542a4679117c011dffa8efb0e0bffa3ce9cebc319f8998d03f80f4168d08f9fda35df18dbeaaada59e479d325a6c1c77d5ca7f8ce221b44e42bfe604 gnutls-3.6.14.tar.xz +abc24ee59cc67805fe953535b0bae33080fc8b0bf788304377f6d10ec8c162c4cf203a69c98a4ba3483b4c60ed7a204433cc7db9b8190eddb0d68f6fb6dad52d gnulib-tests-dont-require-gpg-passphrase.patch +25400be364c1f27b88451002a471cbf841b9738dd93c42dcbeaf7644c3deea6afc85300b40d5ae32d29dc4d441237e8b311f3e07f0af2fb4788701ee4e240c0f disable-certtool-test.patch" -- cgit v1.2.3-70-g09d2