diff options
| author | drochner <drochner> | 2014-02-14 17:24:27 +0000 |
|---|---|---|
| committer | drochner <drochner> | 2014-02-14 17:24:27 +0000 |
| commit | dfd1ba81d9ae6449a134117d6c9fad5e1b13cfd5 (patch) | |
| tree | 15533c8207f2d277638396906b86548080b75611 /security/gnutls | |
| parent | 5e1ace591e7270e7b1f7fe319537a174c50ca2fc (diff) | |
| download | pkgsrc-dfd1ba81d9ae6449a134117d6c9fad5e1b13cfd5.tar.gz | |
update to 3.2.11
changes:
Fix bug that prevented the rejection of v1 intermediate CA certificates
(CVE-2014-1959)
Diffstat (limited to 'security/gnutls')
| -rw-r--r-- | security/gnutls/Makefile | 6 | ||||
| -rw-r--r-- | security/gnutls/PLIST | 3 | ||||
| -rw-r--r-- | security/gnutls/distinfo | 13 | ||||
| -rw-r--r-- | security/gnutls/patches/patch-lib_accelerated_x86_aes-cbc-x86-aesni.c | 18 | ||||
| -rw-r--r-- | security/gnutls/patches/patch-lib_accelerated_x86_aes-cbc-x86-ssse3.c | 18 | ||||
| -rw-r--r-- | security/gnutls/patches/patch-lib_accelerated_x86_x86.h | 24 | ||||
| -rw-r--r-- | security/gnutls/patches/patch-lib_nettle_rnd.c | 14 |
7 files changed, 16 insertions, 80 deletions
diff --git a/security/gnutls/Makefile b/security/gnutls/Makefile index 104954d9471..3e63624c665 100644 --- a/security/gnutls/Makefile +++ b/security/gnutls/Makefile @@ -1,7 +1,6 @@ -# $NetBSD: Makefile,v 1.142 2014/02/10 12:01:19 tron Exp $ +# $NetBSD: Makefile,v 1.143 2014/02/14 17:24:27 drochner Exp $ -DISTNAME= gnutls-3.2.9 -PKGREVISION= 1 +DISTNAME= gnutls-3.2.11 CATEGORIES= security devel MASTER_SITES= ftp://ftp.gnutls.org/gcrypt/gnutls/v3.2/ EXTRACT_SUFX= .tar.xz @@ -37,7 +36,6 @@ PKGCONFIG_OVERRIDE+= libdane/gnutls-dane.pc.in MAKE_ENV+= RM=${RM:Q} MAKE_ENV+= TZ=UTC -DOCDIR= ${PREFIX}/share/doc/gnutls EGDIR= ${PREFIX}/share/examples/gnutls .include "../../mk/bsd.prefs.mk" diff --git a/security/gnutls/PLIST b/security/gnutls/PLIST index d680624e428..d8db3414bf3 100644 --- a/security/gnutls/PLIST +++ b/security/gnutls/PLIST @@ -1,4 +1,4 @@ -@comment $NetBSD: PLIST,v 1.50 2014/01/16 10:14:09 wiz Exp $ +@comment $NetBSD: PLIST,v 1.51 2014/02/14 17:24:27 drochner Exp $ bin/certtool bin/danetool bin/gnutls-cli @@ -153,6 +153,7 @@ man/man3/gnutls_credentials_clear.3 man/man3/gnutls_credentials_set.3 man/man3/gnutls_db_check_entry.3 man/man3/gnutls_db_check_entry_time.3 +man/man3/gnutls_db_get_default_cache_expiration.3 man/man3/gnutls_db_get_ptr.3 man/man3/gnutls_db_remove_session.3 man/man3/gnutls_db_set_cache_expiration.3 diff --git a/security/gnutls/distinfo b/security/gnutls/distinfo index db7cf185025..16eaceacc36 100644 --- a/security/gnutls/distinfo +++ b/security/gnutls/distinfo @@ -1,15 +1,12 @@ -$NetBSD: distinfo,v 1.103 2014/02/10 12:01:19 tron Exp $ +$NetBSD: distinfo,v 1.104 2014/02/14 17:24:27 drochner Exp $ -SHA1 (gnutls-3.2.9.tar.xz) = 6644d1034c3880c3a52d4e1da344f2423a02dd6c -RMD160 (gnutls-3.2.9.tar.xz) = fa434a751735a9c4a6af65d512c0bbab9245344b -Size (gnutls-3.2.9.tar.xz) = 5134196 bytes +SHA1 (gnutls-3.2.11.tar.xz) = 7204edeffc06ff4d60b181b65ea6ada5f4d31b24 +RMD160 (gnutls-3.2.11.tar.xz) = 4e992da1ec9da3f6ee1e9b0e4210648530070e02 +Size (gnutls-3.2.11.tar.xz) = 5135168 bytes SHA1 (patch-ae) = b6402cc4a03f1b32792191518ed0c5596eb91c07 SHA1 (patch-gl_stdio.in.h) = b5802da2cccddd6fab73bd39c49f7d62bef58464 SHA1 (patch-lib_Makefile.in) = d395121b1b640aed76aff8033106c978e7ec4ce7 -SHA1 (patch-lib_accelerated_x86_aes-cbc-x86-aesni.c) = ec5e51a623f31025a864d15dc6386de9fc85807a -SHA1 (patch-lib_accelerated_x86_aes-cbc-x86-ssse3.c) = 45f4c04e008fb40aea4a04e0bd81c669c2d9f793 -SHA1 (patch-lib_accelerated_x86_x86.h) = d56fc79389d561bbd76da32f8f1ed778adb7768c -SHA1 (patch-lib_nettle_rnd.c) = c0b0bd744e2370abd111f5418668bbf4dc0ea35d +SHA1 (patch-lib_nettle_rnd.c) = e3a35d2b492cbb719c178c90fa87861dfa828ce7 SHA1 (patch-src_libopts_autoopts_options.h) = 60be5b43f23ba5978759c1e245781da7f9125071 SHA1 (patch-src_libopts_compat_compat.h) = 2e0a1be460917b2d7a8f6bdac698dad405143013 SHA1 (patch-tests_Makefile.in) = 43e3f23665f2ccc71413e830e7f6f1c8850a518a diff --git a/security/gnutls/patches/patch-lib_accelerated_x86_aes-cbc-x86-aesni.c b/security/gnutls/patches/patch-lib_accelerated_x86_aes-cbc-x86-aesni.c deleted file mode 100644 index fc2c04931f4..00000000000 --- a/security/gnutls/patches/patch-lib_accelerated_x86_aes-cbc-x86-aesni.c +++ /dev/null @@ -1,18 +0,0 @@ -$NetBSD: patch-lib_accelerated_x86_aes-cbc-x86-aesni.c,v 1.1 2014/02/10 12:01:20 tron Exp $ - -Fix build under Mac OS X when assembler code is enabled. -Patch taken from here: - -https://www.gitorious.org/gnutls/gnutls/commit/54768ca1cd9049bbd1c695696ef3c8595c6052db - ---- lib/accelerated/x86/aes-cbc-x86-aesni.c.orig 2014-01-01 17:14:59.000000000 +0000 -+++ lib/accelerated/x86/aes-cbc-x86-aesni.c 2014-02-10 11:31:27.000000000 +0000 -@@ -39,8 +39,6 @@ - int enc; - }; - --unsigned int _gnutls_x86_cpuid_s[4]; -- - static int - aes_cipher_init(gnutls_cipher_algorithm_t algorithm, void **_ctx, int enc) - { diff --git a/security/gnutls/patches/patch-lib_accelerated_x86_aes-cbc-x86-ssse3.c b/security/gnutls/patches/patch-lib_accelerated_x86_aes-cbc-x86-ssse3.c deleted file mode 100644 index 7641d9bae6b..00000000000 --- a/security/gnutls/patches/patch-lib_accelerated_x86_aes-cbc-x86-ssse3.c +++ /dev/null @@ -1,18 +0,0 @@ -$NetBSD: patch-lib_accelerated_x86_aes-cbc-x86-ssse3.c,v 1.1 2014/02/10 12:01:20 tron Exp $ - -Fix build under Mac OS X when assembler code is enabled. -Patch taken from here: - -https://www.gitorious.org/gnutls/gnutls/commit/54768ca1cd9049bbd1c695696ef3c8595c6052db - ---- lib/accelerated/x86/aes-cbc-x86-ssse3.c.orig 2014-01-01 17:14:59.000000000 +0000 -+++ lib/accelerated/x86/aes-cbc-x86-ssse3.c 2014-02-10 11:31:27.000000000 +0000 -@@ -39,8 +39,6 @@ - int enc; - }; - --unsigned int _gnutls_x86_cpuid_s[4]; -- - static int - aes_cipher_init(gnutls_cipher_algorithm_t algorithm, void **_ctx, int enc) - { diff --git a/security/gnutls/patches/patch-lib_accelerated_x86_x86.h b/security/gnutls/patches/patch-lib_accelerated_x86_x86.h deleted file mode 100644 index e4f314213c1..00000000000 --- a/security/gnutls/patches/patch-lib_accelerated_x86_x86.h +++ /dev/null @@ -1,24 +0,0 @@ -$NetBSD: patch-lib_accelerated_x86_x86.h,v 1.1 2014/02/10 12:01:20 tron Exp $ - -Fix build under Mac OS X when assembler code is enabled. -Patch taken from here: - -https://www.gitorious.org/gnutls/gnutls/commit/54768ca1cd9049bbd1c695696ef3c8595c6052db - ---- lib/accelerated/x86/x86.h.orig 2014-01-01 17:14:59.000000000 +0000 -+++ lib/accelerated/x86/x86.h 2014-02-10 11:31:27.000000000 +0000 -@@ -22,6 +22,8 @@ - - #include <config.h> - -+extern unsigned int _gnutls_x86_cpuid_s[4]; -+ - #if defined(ASM_X86) - - void gnutls_cpuid(unsigned int func, unsigned int *ax, unsigned int *bx, -@@ -43,5 +45,4 @@ - (nettle_hash_digest_func *) digest_func \ - } - -- - #endif diff --git a/security/gnutls/patches/patch-lib_nettle_rnd.c b/security/gnutls/patches/patch-lib_nettle_rnd.c index 237704def7a..3e30deb2f62 100644 --- a/security/gnutls/patches/patch-lib_nettle_rnd.c +++ b/security/gnutls/patches/patch-lib_nettle_rnd.c @@ -1,20 +1,20 @@ -$NetBSD: patch-lib_nettle_rnd.c,v 1.1 2013/11/29 22:55:29 wiz Exp $ +$NetBSD: patch-lib_nettle_rnd.c,v 1.2 2014/02/14 17:24:27 drochner Exp $ http://lists.gnupg.org/pipermail/gnutls-devel/2013-November/006588.html ---- lib/nettle/rnd.c.orig 2013-11-10 17:59:14.000000000 +0000 +--- lib/nettle/rnd.c.orig 2014-01-27 18:27:10.000000000 +0000 +++ lib/nettle/rnd.c -@@ -90,8 +90,7 @@ static int do_trivia_source(int init) - memcpy(&event.now, ¤t_time, sizeof(event.now)); - #ifdef HAVE_GETRUSAGE - if (getrusage(RUSAGE_SELF, &event.rusage) < 0) { +@@ -97,8 +97,7 @@ static void _rnd_get_event(struct event_ + # else + if (getrusage(RUSAGE_SELF, &e->rusage) < 0) { + # endif - _gnutls_debug_log("getrusage failed: %s\n", - strerror(errno)); + _gnutls_debug_log("getrusage failed\n"); abort(); } #endif -@@ -244,8 +243,7 @@ static int do_device_source_urandom(int +@@ -263,8 +262,7 @@ static int do_device_source_urandom(int if (res <= 0) { if (res < 0) { _gnutls_debug_log |