[1/1] package/gnutls: security bump version to 3.8.6

Message ID	20240810174645.709425-1-bernd@kuhls.net
State	Accepted
Headers	show Return-Path: <buildroot-bounces@buildroot.org> Received-SPF: Pass (mailfrom) identity=mailfrom; client-ip=85.13.140.57; helo=dd20012.kasserver.com; envelope-from=bernd@kuhls.net; receiver=<UNKNOWN> DMARC-Filter: OpenDMARC Filter v1.4.2 smtp1.osuosl.org 6E81B812CF From: Bernd Kuhls <bernd@kuhls.net> To: buildroot@buildroot.org Date: Sat, 10 Aug 2024 19:46:45 +0200 Message-Id: <20240810174645.709425-1-bernd@kuhls.net> MIME-Version: 1.0 Subject: [Buildroot] [PATCH 1/1] package/gnutls: security bump version to 3.8.6 Precedence: list Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: buildroot-bounces@buildroot.org Sender: "buildroot" <buildroot-bounces@buildroot.org>
Series	[1/1] package/gnutls: security bump version to 3.8.6 \| expand [1/1] package/gnutls: security bump version to 3.8.6

Message ID

20240810174645.709425-1-bernd@kuhls.net

State

Accepted

Headers

Received-SPF: Pass (mailfrom) identity=mailfrom; client-ip=85.13.140.57;
 helo=dd20012.kasserver.com; envelope-from=bernd@kuhls.net;
 receiver=<UNKNOWN>
DMARC-Filter: OpenDMARC Filter v1.4.2 smtp1.osuosl.org 6E81B812CF
From: Bernd Kuhls <bernd@kuhls.net>
To: buildroot@buildroot.org
Date: Sat, 10 Aug 2024 19:46:45 +0200
Message-Id: <20240810174645.709425-1-bernd@kuhls.net>
MIME-Version: 1.0
X-Mailman-Original-Authentication-Results: smtp1.osuosl.org;
 dmarc=pass (p=none dis=none)
 header.from=kuhls.net
X-Mailman-Original-Authentication-Results: smtp1.osuosl.org;
 dkim=pass (2048-bit key) header.d=kuhls.net header.i=@kuhls.net
 header.a=rsa-sha256 header.s=kas202406071026 header.b=hmbu7VD+
Subject: [Buildroot] [PATCH 1/1] package/gnutls: security bump version to
 3.8.6
X-BeenThere: buildroot@buildroot.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Discussion and development of buildroot <buildroot.buildroot.org>
List-Unsubscribe: <https://lists.buildroot.org/mailman/options/buildroot>,
 <mailto:buildroot-request@buildroot.org?subject=unsubscribe>
List-Archive: <http://lists.buildroot.org/pipermail/buildroot/>
List-Post: <mailto:buildroot@buildroot.org>
List-Help: <mailto:buildroot-request@buildroot.org?subject=help>
List-Subscribe: <https://lists.buildroot.org/mailman/listinfo/buildroot>,
 <mailto:buildroot-request@buildroot.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: buildroot-bounces@buildroot.org
Sender: "buildroot" <buildroot-bounces@buildroot.org>

Series

[1/1] package/gnutls: security bump version to 3.8.6 | expand

Commit Message

Bernd Kuhls Aug. 10, 2024, 5:46 p.m. UTC

Version 3.8.4 fixes CVE-2024-28834 & CVE-2024-28835.

Release notes:
3.8.4: https://lists.gnupg.org/pipermail/gnutls-help/2024-March/004845.html
3.8.5: https://lists.gnupg.org/pipermail/gnutls-help/2024-April/004846.html
3.8.6: https://lists.gnupg.org/pipermail/gnutls-help/2024-July/004848.html

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
---
 package/gnutls/gnutls.hash | 4 ++--
 package/gnutls/gnutls.mk   | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

Comments

Thomas Petazzoni Aug. 12, 2024, 8:50 p.m. UTC | #1

On Sat, 10 Aug 2024 19:46:45 +0200
Bernd Kuhls <bernd@kuhls.net> wrote:

> Version 3.8.4 fixes CVE-2024-28834 & CVE-2024-28835.
> 
> Release notes:
> 3.8.4: https://lists.gnupg.org/pipermail/gnutls-help/2024-March/004845.html
> 3.8.5: https://lists.gnupg.org/pipermail/gnutls-help/2024-April/004846.html
> 3.8.6: https://lists.gnupg.org/pipermail/gnutls-help/2024-July/004848.html
> 
> Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
> ---
>  package/gnutls/gnutls.hash | 4 ++--
>  package/gnutls/gnutls.mk   | 2 +-
>  2 files changed, 3 insertions(+), 3 deletions(-)

Applied to master, thanks.

Thomas

Peter Korsgaard Sept. 6, 2024, 11:56 a.m. UTC | #2

>>>>> "Bernd" == Bernd Kuhls <bernd@kuhls.net> writes:

 > Version 3.8.4 fixes CVE-2024-28834 & CVE-2024-28835.
 > Release notes:
 > 3.8.4: https://lists.gnupg.org/pipermail/gnutls-help/2024-March/004845.html
 > 3.8.5: https://lists.gnupg.org/pipermail/gnutls-help/2024-April/004846.html
 > 3.8.6: https://lists.gnupg.org/pipermail/gnutls-help/2024-July/004848.html

 > Signed-off-by: Bernd Kuhls <bernd@kuhls.net>

Committed to 2024.02.x and 2024.05.x, thanks.

diff --git a/package/gnutls/gnutls.hash b/package/gnutls/gnutls.hash
index 47fb34ea7c..d9f830ec92 100644
--- a/package/gnutls/gnutls.hash
+++ b/package/gnutls/gnutls.hash
@@ -1,6 +1,6 @@ 
 # Locally calculated after checking pgp signature
-# https://www.gnupg.org/ftp/gcrypt/gnutls/v3.8/gnutls-3.8.3.tar.xz.sig
-sha256  f74fc5954b27d4ec6dfbb11dea987888b5b124289a3703afcada0ee520f4173e  gnutls-3.8.3.tar.xz
+# https://www.gnupg.org/ftp/gcrypt/gnutls/v3.8/gnutls-3.8.6.tar.xz.sig
+sha256  2e1588aae53cb32d43937f1f4eca28febd9c0c7aa1734fc5dd61a7e81e0ebcdd  gnutls-3.8.6.tar.xz
 # Locally calculated
 sha256  3972dc9744f6499f0f9b2dbf76696f2ae7ad8af9b23dde66d6af86c9dfb36986  doc/COPYING
 sha256  dc626520dcd53a22f727af3ee42c770e56c97a64fe3adb063799d8ab032fe551  doc/COPYING.LESSER
diff --git a/package/gnutls/gnutls.mk b/package/gnutls/gnutls.mk
index eae017aac2..479922ee5d 100644
--- a/package/gnutls/gnutls.mk
+++ b/package/gnutls/gnutls.mk
@@ -6,7 +6,7 @@ 
 
 # When bumping, make sure *all* --without-libfoo-prefix options are in GNUTLS_CONF_OPTS
 GNUTLS_VERSION_MAJOR = 3.8
-GNUTLS_VERSION = $(GNUTLS_VERSION_MAJOR).3
+GNUTLS_VERSION = $(GNUTLS_VERSION_MAJOR).6
 GNUTLS_SOURCE = gnutls-$(GNUTLS_VERSION).tar.xz
 GNUTLS_SITE = https://www.gnupg.org/ftp/gcrypt/gnutls/v$(GNUTLS_VERSION_MAJOR)
 GNUTLS_LICENSE = LGPL-2.1+ (core library)

[1/1] package/gnutls: security bump version to 3.8.6

Commit Message

Comments

Patch