gnutls: update to 3.5.5
Remove backported 0001-Use-correct-include-dir-with-minitasn.patch and CVE-2016-7444.patch (which still applied silently and incorrectly: https://bugzilla.yoctoproject.org/show_bug.cgi?id=10450). (From OE-Core rev: 118b7233721c374314b9ceca5a101e772a29d8c3) Signed-off-by: Alexander Kanavin <alexander.kanavin@linux.intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
parent
6e0980decb
commit
ff30ef9d54
|
@ -1,31 +0,0 @@
|
|||
From 2651b08477f42dd7a05ea7d6df410fb2c46de4fb Mon Sep 17 00:00:00 2001
|
||||
From: Jussi Kukkonen <jussi.kukkonen@intel.com>
|
||||
Date: Wed, 31 Aug 2016 11:04:06 +0300
|
||||
Subject: [PATCH] Use correct include dir with minitasn
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
This allows compiling certtool-cfg without libtasn headers.
|
||||
|
||||
Upstream-Status: Submitted [https://gitlab.com/gnutls/gnutls/merge_requests/54]
|
||||
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
|
||||
---
|
||||
src/Makefile.am | 1 +
|
||||
1 file changed, 1 insertion(+)
|
||||
|
||||
diff --git a/src/Makefile.am b/src/Makefile.am
|
||||
index 182f3a5..cf65388 100644
|
||||
--- a/src/Makefile.am
|
||||
+++ b/src/Makefile.am
|
||||
@@ -146,6 +146,7 @@ libcmd_cli_debug_la_SOURCES = cli-debug-args.def cli-debug-args.c cli-debug-args
|
||||
COMMON_LIBS = $(LIBOPTS) $(LTLIBINTL)
|
||||
if ENABLE_MINITASN1
|
||||
COMMON_LIBS += ../lib/minitasn1/libminitasn1.la ../gl/libgnu.la
|
||||
+AM_CPPFLAGS += -I$(top_srcdir)/lib/minitasn1
|
||||
else
|
||||
COMMON_LIBS += $(LIBTASN1_LIBS)
|
||||
endif
|
||||
--
|
||||
2.9.3
|
||||
|
|
@ -1,35 +0,0 @@
|
|||
CVE: CVE-2016-7444
|
||||
Upstream-Status: Backport
|
||||
Signed-off-by: Jussi Kukkonen <jussi.kukkonen@intel.com>
|
||||
|
||||
Upstream commit follows:
|
||||
|
||||
|
||||
From 964632f37dfdfb914ebc5e49db4fa29af35b1de9 Mon Sep 17 00:00:00 2001
|
||||
From: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
||||
Date: Sat, 27 Aug 2016 17:00:22 +0200
|
||||
Subject: [PATCH] ocsp: corrected the comparison of the serial size in OCSP response
|
||||
|
||||
Previously the OCSP certificate check wouldn't verify the serial length
|
||||
and could succeed in cases it shouldn't.
|
||||
|
||||
Reported by Stefan Buehler.
|
||||
---
|
||||
lib/x509/ocsp.c | 1 +
|
||||
1 file changed, 1 insertion(+), 0 deletions(-)
|
||||
|
||||
diff --git a/lib/x509/ocsp.c b/lib/x509/ocsp.c
|
||||
index 92db9b6..8181f2e 100644
|
||||
--- a/lib/x509/ocsp.c
|
||||
+++ b/lib/x509/ocsp.c
|
||||
@@ -1318,6 +1318,7 @@ gnutls_ocsp_resp_check_crt(gnutls_ocsp_resp_t resp,
|
||||
gnutls_assert();
|
||||
goto cleanup;
|
||||
}
|
||||
+ cserial.size = t;
|
||||
|
||||
if (rserial.size != cserial.size
|
||||
|| memcmp(cserial.data, rserial.data, rserial.size) != 0) {
|
||||
--
|
||||
libgit2 0.24.0
|
||||
|
|
@ -1,13 +0,0 @@
|
|||
require gnutls.inc
|
||||
|
||||
SRC_URI += "file://correct_rpl_gettimeofday_signature.patch \
|
||||
file://0001-configure.ac-fix-sed-command.patch \
|
||||
file://use-pkg-config-to-locate-zlib.patch \
|
||||
file://0001-Use-correct-include-dir-with-minitasn.patch \
|
||||
file://CVE-2016-7444.patch \
|
||||
"
|
||||
SRC_URI[md5sum] = "6c2c7f40ddf52933ee3ca474cb8cb63c"
|
||||
SRC_URI[sha256sum] = "92c4bc999a10a1b95299ebefaeea8333f19d8a98d957a35b5eae74881bdb1fef"
|
||||
|
||||
# x86 .text relocations should be fixed from 3.5.5 onwards
|
||||
INSANE_SKIP_${PN}_append_x86 = " textrel"
|
|
@ -0,0 +1,9 @@
|
|||
require gnutls.inc
|
||||
|
||||
SRC_URI += "file://correct_rpl_gettimeofday_signature.patch \
|
||||
file://0001-configure.ac-fix-sed-command.patch \
|
||||
file://use-pkg-config-to-locate-zlib.patch \
|
||||
"
|
||||
SRC_URI[md5sum] = "fb84c4d7922c1545da8dda4dcb9487d4"
|
||||
SRC_URI[sha256sum] = "86994fe7804ee16d2811e366b9bf2f75304f8e470ae0e3716d60ffeedac0e529"
|
||||
|
Loading…
Reference in New Issue