NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
bf09290977
kumquat-buildroot/package/gnutls
History
Gustavo Zacarias 9b347c4acd gnutls: security bump to version 3.5.8 
The 3.5.x has been promoted to stable, hence 3.4.x is deprecated and
3.3.x kept as old-stable.

libdane now specifies LGPLv2.1+ so drop the README kludge (which is also
gone regarding licensing).

libunistring is a new dependency, even though gnutls ships a builtin version
we prefer to use unbundled to avoid duplication with other users and target
size growth.

Fixes:

GNUTLS-SA-2017-01 - It was found using the OSS-FUZZ fuzzer
infrastructure that decoding a specially crafted X.509 certificate with
Proxy Certificate Information extension present could lead to a double
free.
GNUTLS-SA-2017-02 - It was found using the OSS-FUZZ fuzzer
infrastructure that decoding a specially crafted OpenPGP certificate
could lead to heap and stack overflows.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-01-09 16:39:50 +01:00
..
Config.in gnutls: security bump to version 3.5.8 2017-01-09 16:39:50 +01:00
gnutls.hash gnutls: security bump to version 3.5.8 2017-01-09 16:39:50 +01:00
gnutls.mk gnutls: security bump to version 3.5.8 2017-01-09 16:39:50 +01:00