From: Jack Hill <jackhill@jackhill.us>
To: 68516@debbugs.gnu.org
Cc: <guix-security@gnu.org>
Subject: [bug#68516] [PATCH v2] gnu: gnutls: Update to 3.8.3 [security-fixes]
Date: Tue, 16 Jan 2024 14:45:43 -0500 [thread overview]
Message-ID: <9565ce0175aa58bf444636485a3f4b2cf93eb989.1705434343.git.jackhill@jackhill.us> (raw)
In-Reply-To: <4cf4192dab9a3f523f84e598a0b39a336cbd064b.1705431953.git.jackhill@jackhill.us>
Fixes CVE-2024-0553 and CVE-2024-0567.
gnu/packages/tls.scm (gnutls): Update grafted version to 3.8.3.
Change-Id: Ic44b3b0481ffd51cdc42a2d71a598f001b43c6f7
---
Version 2 updates the variable name to match the sofware version.
gnu/packages/tls.scm | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/gnu/packages/tls.scm b/gnu/packages/tls.scm
index 6441b8ed43..7be74a26b9 100644
--- a/gnu/packages/tls.scm
+++ b/gnu/packages/tls.scm
@@ -200,7 +200,7 @@ (define-public gnutls
(package
(name "gnutls")
(version "3.7.7")
- (replacement gnutls-3.8.2)
+ (replacement gnutls-3.8.3)
(source (origin
(method url-fetch)
;; Note: Releases are no longer on ftp.gnu.org since the
@@ -306,10 +306,10 @@ (define-deprecated/public-alias gnutls-latest gnutls)
;; Replacement for gnutls@3.7.7 to address GNUTLS-SA-2020-07-14 /
;; CVE-2023-0361 and GNUTLS-SA-2023-10-23 / CVE-2023-5981.
-(define gnutls-3.8.2
+(define gnutls-3.8.3
(package
(inherit gnutls)
- (version "3.8.2")
+ (version "3.8.3")
(source (origin
(method url-fetch)
(uri (string-append "mirror://gnupg/gnutls/v"
@@ -318,7 +318,7 @@ (define gnutls-3.8.2
(patches (search-patches "gnutls-skip-trust-store-test.patch"))
(sha256
(base32
- "0xzgmp1ck5ifvdki4jg29r278w2p1m3a0qz38g99v6zsdw0yarg7"))))))
+ "0ghpyhhfa3nsraph6dws50jb3dc8g2cfl7dizdnyrm179fawakzp"))))))
(define-public gnutls/dane
;; GnuTLS with build libgnutls-dane, implementing DNS-based
base-commit: 20606ca9af1ac019073f4ed872a9ad9960ff0725
--
2.41.0
next prev parent reply other threads:[~2024-01-16 19:47 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-01-16 19:05 [bug#68516] [PATCH] gnu: gnutls: Update to 3.8.3 [security-fixes] Jack Hill
2024-01-16 19:45 ` Jack Hill [this message]
2024-01-16 19:58 ` [bug#68516] [PATCH v3] " Jack Hill
2024-01-20 22:17 ` bug#68516: " John Kehayias via Guix-patches via
2024-01-22 1:23 ` [bug#68516] " Jack Hill
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://guix.gnu.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=9565ce0175aa58bf444636485a3f4b2cf93eb989.1705434343.git.jackhill@jackhill.us \
--to=jackhill@jackhill.us \
--cc=68516@debbugs.gnu.org \
--cc=guix-security@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).