Skip to content
GitLab
Projects
Groups
Snippets
Help
Loading...
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
aports
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Service Desk
Milestones
Merge Requests
1
Merge Requests
1
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Operations
Operations
Environments
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Leo
aports
Commits
c2c9115c
Commit
c2c9115c
authored
Mar 31, 2020
by
Leo
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
main/gnutls: fix GNUTLS-SA-2020-03-31
parent
fca0c1b3
Pipeline
#11891
canceled with stages
in 169 minutes and 6 seconds
Changes
2
Pipelines
1
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
42 additions
and
8 deletions
+42
-8
main/gnutls/APKBUILD
main/gnutls/APKBUILD
+9
-8
main/gnutls/GNUTLS-SA-2020-03-31.patch
main/gnutls/GNUTLS-SA-2020-03-31.patch
+33
-0
No files found.
main/gnutls/APKBUILD
View file @
c2c9115c
...
...
@@ -3,7 +3,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname
=
gnutls
pkgver
=
3.6.7
pkgrel
=
0
pkgrel
=
1
pkgdesc
=
"A TLS protocol implementation"
url
=
"https://www.gnutls.org/"
arch
=
"all"
...
...
@@ -16,11 +16,14 @@ _v=${pkgver%.*}
case
$pkgver
in
*
.
*
.
*
.
*
)
_v
=
${
_v
%.*
}
;;
esac
source
=
"https://www.gnupg.org/ftp/gcrypt/gnutls/v
${
_v
}
/gnutls-
$pkgver
.tar.xz
tests-date-compat.patch"
builddir
=
"
$srcdir
/
$pkgname
-
$pkgver
"
source
=
"https://www.gnupg.org/ftp/gcrypt/gnutls/v
$_v
/gnutls-
$pkgver
.tar.xz
GNUTLS-SA-2020-03-31.patch
tests-date-compat.patch
"
# secfixes:
# 3.6.7-r1:
# - GNUTLS-SA-2020-03-31
# 3.6.7-r0:
# - CVE-2019-3836
# - CVE-2019-3829
...
...
@@ -28,7 +31,6 @@ builddir="$srcdir/$pkgname-$pkgver"
# - CVE-2017-7507
build
()
{
cd
"
$builddir
"
LIBS
=
"-lgmp"
./configure
\
--build
=
$CBUILD
\
--host
=
$CHOST
\
...
...
@@ -45,8 +47,6 @@ build() {
}
check
()
{
cd
"
$builddir
"
make check
}
...
...
@@ -68,4 +68,5 @@ xx() {
}
sha512sums
=
"ae9b8996eb9b7269d28213f0aca3a4a17890ba8d47e3dc3b8e754ab8e2b4251e9412aaaa161a8bf56167f04cc169b4cada46f55a7bde92b955eb36cd717a99f3 gnutls-3.6.7.tar.xz
b9aefaca8a894b223b8bcc738524602e36edf6a49f458606235598470033c81b02e876bec18a41ac57760cb9644d44b4c35969be74d4a8120245fff716429531 tests-date-compat.patch"
b9aefaca8a894b223b8bcc738524602e36edf6a49f458606235598470033c81b02e876bec18a41ac57760cb9644d44b4c35969be74d4a8120245fff716429531 tests-date-compat.patch
abda4eb55aaca6aa841be7fcee9827b7f018d7311177dcaab76b5e3fed8b90baa18a4d7a3876de15a174472716f9c1ebcba3379ec8f4bef5a71f19516b577622 GNUTLS-SA-2020-03-31.patch"
main/gnutls/GNUTLS-SA-2020-03-31.patch
0 → 100644
View file @
c2c9115c
From c01011c2d8533dbbbe754e49e256c109cb848d0d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Stefan=20B=C3=BChler?= <stbuehler@web.de>
Date: Fri, 27 Mar 2020 17:17:57 +0100
Subject: [PATCH] dtls client hello: fix zeroed random (fixes #960)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
This broke with bcf4de03 "handshake: treat reply to HRR as a reply to
hello verify request", which failed to "De Morgan" properly.
Signed-off-by: Stefan Bühler <stbuehler@web.de>
---
lib/handshake.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/handshake.c b/lib/handshake.c
index 5739df213e..84a0e52101 100644
--- a/lib/handshake.c
+++ b/lib/handshake.c
@@ -2167,7 +2167,7 @@
static int send_client_hello(gnutls_session_t session, int again)
/* Generate random data
*/
if (!(session->internals.hsk_flags & HSK_HRR_RECEIVED) &&
- !(IS_DTLS(session) && session->internals.dtls.hsk_hello_verify_requests == 0)) {
+ !(IS_DTLS(session) && session->internals.dtls.hsk_hello_verify_requests != 0)) {
ret = _gnutls_gen_client_random(session);
if (ret < 0) {
gnutls_assert();
--
2.24.1
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment