gnutls: security bump to version 3.5.10

Fixes: GNUTLS-SA-2017-3A - Addressed integer overflow resulting to invalid memory write in OpenPGP certificate parsing. GNUTLS-SA-2017-3B - Addressed crashes in OpenPGP certificate parsing, related to private key parser. No longer allow OpenPGP certificates (public keys) to contain private key sub-packets. GNUTLS-SA-2017-3C - Addressed large allocation in OpenPGP certificate parsing, that could lead in out-of-memory condition. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> (cherry picked from commit 6fdb2b109b) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-03-06 11:55:06 -03:00 · 2017-03-06 11:55:06 -03:00 · d51608ac63
commit d51608ac63
parent 411067de8a
2 changed files with 2 additions and 2 deletions
--- a/package/gnutls/gnutls.hash
+++ b/package/gnutls/gnutls.hash
@ -1,2 +1,2 @@
 # Locally calculated after checking pgp signature
-sha256	82b10f0c4ef18f4e64ad8cef5dbaf14be732f5095a41cf366b4ecb4050382951	gnutls-3.5.9.tar.xz
+sha256	af443e86ba538d4d3e37c4732c00101a492fe4b56a55f4112ff0ab39dbe6579d	gnutls-3.5.10.tar.xz
--- a/package/gnutls/gnutls.mk
+++ b/package/gnutls/gnutls.mk
@ -5,7 +5,7 @@
 ################################################################################

 GNUTLS_VERSION_MAJOR = 3.5
-GNUTLS_VERSION = $(GNUTLS_VERSION_MAJOR).9
+GNUTLS_VERSION = $(GNUTLS_VERSION_MAJOR).10
 GNUTLS_SOURCE = gnutls-$(GNUTLS_VERSION).tar.xz
 GNUTLS_SITE = ftp://ftp.gnutls.org/gcrypt/gnutls/v$(GNUTLS_VERSION_MAJOR)
 GNUTLS_LICENSE = LGPLv2.1+ (core library), GPLv3+ (gnutls-openssl library)