[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
01/03: gnu: gnutls: Replace with 3.8.1.
|
From: |
guix-commits |
|
Subject: |
01/03: gnu: gnutls: Replace with 3.8.1. |
|
Date: |
Fri, 20 Oct 2023 07:39:41 -0400 (EDT) |
cbaines pushed a commit to branch master
in repository guix.
commit 501549137853455ca39afaf79d8a623ea4494c88
Author: Christopher Baines <mail@cbaines.net>
AuthorDate: Mon Sep 25 20:06:51 2023 +0100
gnu: gnutls: Replace with 3.8.1.
The recommended way to address GNUTLS-SA-2020-07-14 / CVE-2023-0361 is to
upgrade to 3.8.0 or later.
* gnu/packages/tls.scm (gnutls-3.8.1): New variable.
(gnutls)[replacement]: Use it.
Signed-off-by: Christopher Baines <mail@cbaines.net>
---
gnu/packages/tls.scm | 17 +++++++++++++++++
1 file changed, 17 insertions(+)
diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm
index 61484bfd86..d62c00dcff 100644
--- a/gnu/packages/tls.scm
+++ b/gnu/packages/tls.scm
@@ -200,6 +200,7 @@ living in the same process.")
(package
(name "gnutls")
(version "3.7.7")
+ (replacement gnutls-3.8.1)
(source (origin
(method url-fetch)
;; Note: Releases are no longer on ftp.gnu.org since the
@@ -303,6 +304,22 @@ required structures.")
(define-deprecated/public-alias gnutls-latest gnutls)
+;; Replacement for gnutls@3.7.7 to address GNUTLS-SA-2020-07-14 /
+;; CVE-2023-0361
+(define-public gnutls-3.8.1
+ (package
+ (inherit gnutls)
+ (version "3.8.1")
+ (source (origin
+ (method url-fetch)
+ (uri (string-append "mirror://gnupg/gnutls/v"
+ (version-major+minor version)
+ "/gnutls-" version ".tar.xz"))
+ (patches (search-patches "gnutls-skip-trust-store-test.patch"))
+ (sha256
+ (base32
+ "1742jiigwsfhx7nj5rz7dwqr8d46npsph6b68j7siar0mqarx2xs"))))))
+
(define-public gnutls/dane
;; GnuTLS with build libgnutls-dane, implementing DNS-based
;; Authentication of Named Entities. This is required for GNS functionality