aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--main/gnutls/APKBUILD13
-rw-r--r--main/gnutls/cve-2012-1573.patch22
2 files changed, 6 insertions, 29 deletions
diff --git a/main/gnutls/APKBUILD b/main/gnutls/APKBUILD
index 4eb2c53630..fb4b313757 100644
--- a/main/gnutls/APKBUILD
+++ b/main/gnutls/APKBUILD
@@ -1,8 +1,8 @@
# Contributor: Michael Mason <ms13sp@gmail.com>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=gnutls
-pkgver=2.10.5
-pkgrel=3
+pkgver=2.12.23
+pkgrel=0
pkgdesc="A library which provides a secure connection"
url="http://www.gnu.org/software/gnutls/"
arch="all"
@@ -12,9 +12,7 @@ depends_dev="libgcrypt-dev libgpg-error-dev zlib-dev libtasn1-dev"
makedepends="$depends_dev perl"
install=
subpackages="$pkgname-doc $pkgname-dev"
-source="http://ftp.gnu.org/pub/gnu/gnutls/$pkgname-$pkgver.tar.bz2
- cve-2012-1573.patch
- "
+source="ftp://ftp.gnutls.org/gcrypt/gnutls/v${pkgver%.*}/$pkgname-$pkgver.tar.bz2"
prepare() {
cd "$srcdir/$pkgname-$pkgver"
@@ -41,5 +39,6 @@ package() {
make -j1 DESTDIR="$pkgdir" install
}
-md5sums="1b032e07ccd22f71a5df78aa73bd91f2 gnutls-2.10.5.tar.bz2
-b37bbb419598cf04d3cc9b9d9d5dd79e cve-2012-1573.patch"
+md5sums="f3c1d34bd5f113395c4be0d5dfc2b7fe gnutls-2.12.23.tar.bz2"
+sha256sums="dfa67a7e40727eb0913e75f3c44911d5d8cd58d1ead5acfe73dd933fc0d17ed2 gnutls-2.12.23.tar.bz2"
+sha512sums="7780e9ca7b592350ce9b11e53a63d3212320402d8ad2462bfbc0e69aec4a48bb372a1925627abb7996535c87c90e3d79537ea118c8bb36d26aae8e19eaae3a06 gnutls-2.12.23.tar.bz2"
diff --git a/main/gnutls/cve-2012-1573.patch b/main/gnutls/cve-2012-1573.patch
deleted file mode 100644
index b377c391c2..0000000000
--- a/main/gnutls/cve-2012-1573.patch
+++ /dev/null
@@ -1,22 +0,0 @@
---- ./lib/gnutls_cipher.c.orig
-+++ ./lib/gnutls_cipher.c
-@@ -515,14 +515,13 @@
- {
- ciphertext.size -= blocksize;
- ciphertext.data += blocksize;
--
-- if (ciphertext.size == 0)
-- {
-- gnutls_assert ();
-- return GNUTLS_E_DECRYPTION_FAILED;
-- }
- }
-
-+ if (ciphertext.size < hash_size)
-+ {
-+ gnutls_assert ();
-+ return GNUTLS_E_DECRYPTION_FAILED;
-+ }
- pad = ciphertext.data[ciphertext.size - 1] + 1; /* pad */
-
- if ((int) pad > (int) ciphertext.size - hash_size)