From 5dee9acf5318bce197f5a743db72010cc70db04a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ludovic=20Court=C3=A8s?= Date: Wed, 12 Nov 2014 22:08:17 +0100 Subject: [PATCH] gnu: gnutls: Update to 3.2.20--this fixes CVE-2014-8564. * gnu/packages/patches/gnutls-server-name-fix.patch: Remove. * gnu-system.am (dist_patch_DATA): Adjust accordingly. * gnu/packages/gnutls.scm (gnutls): Update to 3.2.20. Remove 'patches' field. --- gnu-system.am | 1 - gnu/packages/gnutls.scm | 5 ++--- .../patches/gnutls-server-name-fix.patch | 17 ----------------- 3 files changed, 2 insertions(+), 21 deletions(-) delete mode 100644 gnu/packages/patches/gnutls-server-name-fix.patch diff --git a/gnu-system.am b/gnu-system.am index e6cb2ef73f..1af1aa5074 100644 --- a/gnu-system.am +++ b/gnu-system.am @@ -353,7 +353,6 @@ dist_patch_DATA = \ gnu/packages/patches/glibc-ldd-x86_64.patch \ gnu/packages/patches/gnunet-fix-scheduler.patch \ gnu/packages/patches/gnunet-fix-tests.patch \ - gnu/packages/patches/gnutls-server-name-fix.patch \ gnu/packages/patches/gobject-introspection-cc.patch \ gnu/packages/patches/grub-gets-undeclared.patch \ gnu/packages/patches/gstreamer-0.10-bison3.patch \ diff --git a/gnu/packages/gnutls.scm b/gnu/packages/gnutls.scm index 7e9b85e440..fd1b38d5ae 100644 --- a/gnu/packages/gnutls.scm +++ b/gnu/packages/gnutls.scm @@ -63,7 +63,7 @@ specifications.") (define-public gnutls (package (name "gnutls") - (version "3.2.19") + (version "3.2.20") (source (origin (method url-fetch) (uri @@ -74,8 +74,7 @@ specifications.") "/gnutls-" version ".tar.xz")) (sha256 (base32 - "1krx33ab2ijwfz71f1ba8labxfsic7jhlhv6rvjsyw566jj9a3d2")) - (patches (list (search-patch "gnutls-server-name-fix.patch"))))) + "165mpmm506jgpiffgf0s01rrn8c14qkan1saaa79dvf3g1z0arvr")))) (build-system gnu-build-system) (arguments '(#:configure-flags diff --git a/gnu/packages/patches/gnutls-server-name-fix.patch b/gnu/packages/patches/gnutls-server-name-fix.patch deleted file mode 100644 index 01f0b761e0..0000000000 --- a/gnu/packages/patches/gnutls-server-name-fix.patch +++ /dev/null @@ -1,17 +0,0 @@ -Fix a typo introduced in the first series implementing -'set-session-server-name!' whereby the trailing nul character would -be passed on the wire, thereby breaking connections. - -diff --git a/guile/src/core.c b/guile/src/core.c -index 82fd573..2778205 100644 ---- a/guile/src/core.c -+++ b/guile/src/core.c -@@ -719,7 +719,7 @@ SCM_DEFINE (scm_gnutls_set_session_server_name_x, "set-session-server-name!", - c_name = scm_to_locale_string (name); - - err = gnutls_server_name_set (c_session, c_type, c_name, -- strlen (c_name) + 1); -+ strlen (c_name)); - free (c_name); - - if (EXPECT_FALSE (err != GNUTLS_E_SUCCESS))