[bug#66195] [PATCH] gnu: gnutls: Replace with 3.8.1.

guix-patches

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[bug#66195] [PATCH] gnu: gnutls: Replace with 3.8.1.

From:	Ludovic Courtès
Subject:	[bug#66195] [PATCH] gnu: gnutls: Replace with 3.8.1.
Date:	Thu, 19 Oct 2023 22:17:41 +0200
User-agent:	Gnus/5.13 (Gnus v5.13)

Hi,

Christopher Baines <mail@cbaines.net> skribis:

> The recommended way to address GNUTLS-SA-2020-07-14 / CVE-2023-0361 is to
> upgrade to 3.8.0 or later.
>
> * gnu/packages/tls.scm (gnutls-3.8.1): New variable.
> (gnutls)[replacement]: Use it.

Surprisingly, ‘guix lint -c cve gnutls’ doesn’t report anything with
3.7.7 as currently packaged.

> +(define-public gnutls-3.8.1

Maybe add a comment here with the SA and CVE references.

Then, assuming the ABIs are compatible (which can be checked with
libabigail’s abidiff), LGTM.

Thanks,
Ludo’.

[Prev in Thread]

Current Thread

[Next in Thread]

[bug#66195] [PATCH] gnu: gnutls: Replace with 3.8.1., Ludovic Courtès <=
- bug#66195: [PATCH] gnu: gnutls: Replace with 3.8.1., Christopher Baines, 2023/10/20

Prev by Date: [bug#66643] [PATCH] gnu: icedove/wayland: Use wrap-program.
Next by Date: bug#66387: [PATCH] home: services: Fix race condition when detecting first login
Previous by thread: [bug#66643] [PATCH] gnu: icedove/wayland: Use wrap-program.
Next by thread: bug#66195: [PATCH] gnu: gnutls: Replace with 3.8.1.
Index(es):
- Date
- Thread