package/gnutls: security bump version to 3.8.6

Version 3.8.4 fixes CVE-2024-28834 & CVE-2024-28835. Release notes: 3.8.4: https://lists.gnupg.org/pipermail/gnutls-help/2024-March/004845.html 3.8.5: https://lists.gnupg.org/pipermail/gnutls-help/2024-April/004846.html 3.8.6: https://lists.gnupg.org/pipermail/gnutls-help/2024-July/004848.html Signed-off-by: Bernd Kuhls <bernd@kuhls.net> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> (cherry picked from commit 904acfc41e1464848daf0240251e7701954c4918) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-08-10 19:46:45 +02:00 · 2024-08-10 19:46:45 +02:00 · 96c79a4349
commit 96c79a4349
parent 81ee5b10d8
2 changed files with 3 additions and 3 deletions
--- a/package/gnutls/gnutls.hash
+++ b/package/gnutls/gnutls.hash
@ -1,6 +1,6 @@
 # Locally calculated after checking pgp signature
-# https://www.gnupg.org/ftp/gcrypt/gnutls/v3.8/gnutls-3.8.3.tar.xz.sig
-sha256  f74fc5954b27d4ec6dfbb11dea987888b5b124289a3703afcada0ee520f4173e  gnutls-3.8.3.tar.xz
+# https://www.gnupg.org/ftp/gcrypt/gnutls/v3.8/gnutls-3.8.6.tar.xz.sig
+sha256  2e1588aae53cb32d43937f1f4eca28febd9c0c7aa1734fc5dd61a7e81e0ebcdd  gnutls-3.8.6.tar.xz
 # Locally calculated
 sha256  3972dc9744f6499f0f9b2dbf76696f2ae7ad8af9b23dde66d6af86c9dfb36986  doc/COPYING
 sha256  dc626520dcd53a22f727af3ee42c770e56c97a64fe3adb063799d8ab032fe551  doc/COPYING.LESSER
--- a/package/gnutls/gnutls.mk
+++ b/package/gnutls/gnutls.mk
@ -6,7 +6,7 @@

 # When bumping, make sure *all* --without-libfoo-prefix options are in GNUTLS_CONF_OPTS
 GNUTLS_VERSION_MAJOR = 3.8
-GNUTLS_VERSION = $(GNUTLS_VERSION_MAJOR).3
+GNUTLS_VERSION = $(GNUTLS_VERSION_MAJOR).6
 GNUTLS_SOURCE = gnutls-$(GNUTLS_VERSION).tar.xz
 GNUTLS_SITE = https://www.gnupg.org/ftp/gcrypt/gnutls/v$(GNUTLS_VERSION_MAJOR)
 GNUTLS_LICENSE = LGPL-2.1+ (core library)