diff options
| author | Maxim Cournoyer <maxim.cournoyer@gmail.com> | 2024-01-05 13:12:31 -0500 |
|---|---|---|
| committer | Maxim Cournoyer <maxim.cournoyer@gmail.com> | 2024-01-05 13:48:37 -0500 |
| commit | deeb7d1f53d7ddfa977b3eadd760312bbd0a2509 (patch) | |
| tree | d67e9672b45a58cbec18a38531bed6855456a85f /gnu/packages/tls.scm | |
| parent | 9abca269ddc5cd1b689ec6137e6def2402ccce19 (diff) | |
| download | guix-patches-deeb7d1f53d7ddfa977b3eadd760312bbd0a2509.tar guix-patches-deeb7d1f53d7ddfa977b3eadd760312bbd0a2509.tar.gz | |
gnutls: Update to 3.8.2 (fixes CVE-2023-5981).
* gnu/packages/tls.scm (gnutls): Graft with gnutls-3.8.2.
(gnutls-3.8.1): Replace with...
(gnutls-3.8.2): ... this. Remove obsolete set-path-max phase, and make the
variable private.
Change-Id: Ib5cd276c9ecc87d1adc2f4f9633d49676cfe856d
Diffstat (limited to 'gnu/packages/tls.scm')
| -rw-r--r-- | gnu/packages/tls.scm | 25 |
1 files changed, 6 insertions, 19 deletions
diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm index 208a7ff640..806a761d9b 100644 --- a/gnu/packages/tls.scm +++ b/gnu/packages/tls.scm @@ -15,7 +15,7 @@ ;;; Copyright © 2018 Clément Lassieur <clement@lassieur.org> ;;; Copyright © 2019 Mathieu Othacehe <m.othacehe@gmail.com> ;;; Copyright © 2020, 2023 Janneke Nieuwenhuizen <janneke@gnu.org> -;;; Copyright © 2020, 2021, 2023 Maxim Cournoyer <maxim.cournoyer@gmail.com> +;;; Copyright © 2020, 2021, 2023, 2024 Maxim Cournoyer <maxim.cournoyer@gmail.com> ;;; Copyright © 2021 Solene Rapenne <solene@perso.pw> ;;; Copyright © 2021 Brice Waegeneire <brice@waegenei.re> ;;; Copyright © 2021 Maxime Devos <maximedevos@telenet.be> @@ -200,7 +200,7 @@ living in the same process.") (package (name "gnutls") (version "3.7.7") - (replacement gnutls-3.8.1) + (replacement gnutls-3.8.2) (source (origin (method url-fetch) ;; Note: Releases are no longer on ftp.gnu.org since the @@ -305,11 +305,11 @@ required structures.") (define-deprecated/public-alias gnutls-latest gnutls) ;; Replacement for gnutls@3.7.7 to address GNUTLS-SA-2020-07-14 / -;; CVE-2023-0361 -(define-public gnutls-3.8.1 +;; CVE-2023-0361 and GNUTLS-SA-2023-10-23 / CVE-2023-5981. +(define gnutls-3.8.2 (package (inherit gnutls) - (version "3.8.1") + (version "3.8.2") (source (origin (method url-fetch) (uri (string-append "mirror://gnupg/gnutls/v" @@ -318,20 +318,7 @@ required structures.") (patches (search-patches "gnutls-skip-trust-store-test.patch")) (sha256 (base32 - "1742jiigwsfhx7nj5rz7dwqr8d46npsph6b68j7siar0mqarx2xs")))) - (arguments - (if (target-hurd?) - ;; Fix reference to undefined 'PATH_MAX'. This is fixed in GnuTLS - ;; commit 3b6ec1e01de4e96d36276dfe34ee9e183f285264. - (substitute-keyword-arguments (package-arguments gnutls) - ((#:phases phases #~%standard-phases) - #~(modify-phases #$phases - (add-after 'unpack 'set-path-max - (lambda _ - (substitute* "lib/pathbuf.h" - (("^#define GNUTLS_PATH_MAX PATH_MAX") - "#define GNUTLS_PATH_MAX 8192\n"))))))) - (package-arguments gnutls))))) + "0xzgmp1ck5ifvdki4jg29r278w2p1m3a0qz38g99v6zsdw0yarg7")))))) (define-public gnutls/dane ;; GnuTLS with build libgnutls-dane, implementing DNS-based |