* [PR PATCH] gnutls: security update to 3.7.7 (CVE-2022-2509)
@ 2022-08-09 12:40 dataCobra
2022-08-09 13:18 ` classabbyamp
` (4 more replies)
0 siblings, 5 replies; 6+ messages in thread
From: dataCobra @ 2022-08-09 12:40 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 669 bytes --]
There is a new pull request by dataCobra against master on the void-packages repository
https://github.com/dataCobra/void-packages gnutls_CVE-2022-2509
https://github.com/void-linux/void-packages/pull/38553
gnutls: security update to 3.7.7 (CVE-2022-2509)
#### Testing the changes
- I tested the changes in this PR: **briefly**
#### Local build testing
- I built this PR locally for my native architecture, (Void 5.18.16_1 x86_64 GenuineIntel)
- I built this PR locally for these architectures (if supported. mark crossbuilds):
- x86_64
- x86_64-musl (crossbuild)
A patch file from https://github.com/void-linux/void-packages/pull/38553.patch is attached
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: github-pr-gnutls_CVE-2022-2509-38553.patch --]
[-- Type: text/x-diff, Size: 1092 bytes --]
From 0afd2a13b2380f3f2befeeae86ab953d68cd1e58 Mon Sep 17 00:00:00 2001
From: dataCobra <datacobra@thinkbot.de>
Date: Tue, 9 Aug 2022 14:32:09 +0200
Subject: [PATCH] gnutls: security update to 3.7.7 CVE-2022-2509
---
srcpkgs/gnutls/template | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/srcpkgs/gnutls/template b/srcpkgs/gnutls/template
index 228bd0334166..d8ea09e85f42 100644
--- a/srcpkgs/gnutls/template
+++ b/srcpkgs/gnutls/template
@@ -1,6 +1,6 @@
# Template file for 'gnutls'
pkgname=gnutls
-version=3.7.6
+version=3.7.7
revision=1
build_style=gnu-configure
configure_args="--disable-guile --disable-static
@@ -21,7 +21,7 @@ maintainer="Orphaned <orphan@voidlinux.org>"
license="GPL-3.0-only, LGPL-2.1-or-later"
homepage="https://gnutls.org"
distfiles="https://www.gnupg.org/ftp/gcrypt/gnutls/v${version%.*}/gnutls-${version}.tar.xz"
-checksum=77065719a345bfb18faa250134be4c53bef70c1bd61f6c0c23ceb8b44f0262ff
+checksum=be9143d0d58eab64dba9b77114aaafac529b6c0d7e81de6bdf1c9b59027d2106
pre_check() {
# same as $PASS in tests/cert-tests/certtool.sh
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: gnutls: security update to 3.7.7 (CVE-2022-2509)
2022-08-09 12:40 [PR PATCH] gnutls: security update to 3.7.7 (CVE-2022-2509) dataCobra
@ 2022-08-09 13:18 ` classabbyamp
2022-08-09 13:24 ` [PR PATCH] [Updated] " dataCobra
` (3 subsequent siblings)
4 siblings, 0 replies; 6+ messages in thread
From: classabbyamp @ 2022-08-09 13:18 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 239 bytes --]
New comment by classabbyamp on void-packages repository
https://github.com/void-linux/void-packages/pull/38553#issuecomment-1209370957
Comment:
commit message should be
```
gnutls: update to 3.7.7.
[mention cve here if you'd like]
```
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PR PATCH] [Updated] gnutls: security update to 3.7.7 (CVE-2022-2509)
2022-08-09 12:40 [PR PATCH] gnutls: security update to 3.7.7 (CVE-2022-2509) dataCobra
2022-08-09 13:18 ` classabbyamp
@ 2022-08-09 13:24 ` dataCobra
2022-08-09 13:25 ` dataCobra
` (2 subsequent siblings)
4 siblings, 0 replies; 6+ messages in thread
From: dataCobra @ 2022-08-09 13:24 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 674 bytes --]
There is an updated pull request by dataCobra against master on the void-packages repository
https://github.com/dataCobra/void-packages gnutls_CVE-2022-2509
https://github.com/void-linux/void-packages/pull/38553
gnutls: security update to 3.7.7 (CVE-2022-2509)
#### Testing the changes
- I tested the changes in this PR: **briefly**
#### Local build testing
- I built this PR locally for my native architecture, (Void 5.18.16_1 x86_64 GenuineIntel)
- I built this PR locally for these architectures (if supported. mark crossbuilds):
- x86_64
- x86_64-musl (crossbuild)
A patch file from https://github.com/void-linux/void-packages/pull/38553.patch is attached
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: github-pr-gnutls_CVE-2022-2509-38553.patch --]
[-- Type: text/x-diff, Size: 1088 bytes --]
From bc88c8661166b8d4b52ba2b823447cc566bb2332 Mon Sep 17 00:00:00 2001
From: dataCobra <datacobra@thinkbot.de>
Date: Tue, 9 Aug 2022 14:32:09 +0200
Subject: [PATCH] gnutls: update to 3.7.7
Fix: CVE-2022-2509
---
srcpkgs/gnutls/template | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/srcpkgs/gnutls/template b/srcpkgs/gnutls/template
index 228bd0334166..d8ea09e85f42 100644
--- a/srcpkgs/gnutls/template
+++ b/srcpkgs/gnutls/template
@@ -1,6 +1,6 @@
# Template file for 'gnutls'
pkgname=gnutls
-version=3.7.6
+version=3.7.7
revision=1
build_style=gnu-configure
configure_args="--disable-guile --disable-static
@@ -21,7 +21,7 @@ maintainer="Orphaned <orphan@voidlinux.org>"
license="GPL-3.0-only, LGPL-2.1-or-later"
homepage="https://gnutls.org"
distfiles="https://www.gnupg.org/ftp/gcrypt/gnutls/v${version%.*}/gnutls-${version}.tar.xz"
-checksum=77065719a345bfb18faa250134be4c53bef70c1bd61f6c0c23ceb8b44f0262ff
+checksum=be9143d0d58eab64dba9b77114aaafac529b6c0d7e81de6bdf1c9b59027d2106
pre_check() {
# same as $PASS in tests/cert-tests/certtool.sh
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PR PATCH] [Updated] gnutls: security update to 3.7.7 (CVE-2022-2509)
2022-08-09 12:40 [PR PATCH] gnutls: security update to 3.7.7 (CVE-2022-2509) dataCobra
2022-08-09 13:18 ` classabbyamp
2022-08-09 13:24 ` [PR PATCH] [Updated] " dataCobra
@ 2022-08-09 13:25 ` dataCobra
2022-08-09 13:26 ` dataCobra
2022-08-09 14:57 ` [PR PATCH] [Merged]: gnutls: update to 3.7.7. (CVE-2022-2509) sgn
4 siblings, 0 replies; 6+ messages in thread
From: dataCobra @ 2022-08-09 13:25 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 674 bytes --]
There is an updated pull request by dataCobra against master on the void-packages repository
https://github.com/dataCobra/void-packages gnutls_CVE-2022-2509
https://github.com/void-linux/void-packages/pull/38553
gnutls: security update to 3.7.7 (CVE-2022-2509)
#### Testing the changes
- I tested the changes in this PR: **briefly**
#### Local build testing
- I built this PR locally for my native architecture, (Void 5.18.16_1 x86_64 GenuineIntel)
- I built this PR locally for these architectures (if supported. mark crossbuilds):
- x86_64
- x86_64-musl (crossbuild)
A patch file from https://github.com/void-linux/void-packages/pull/38553.patch is attached
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: github-pr-gnutls_CVE-2022-2509-38553.patch --]
[-- Type: text/x-diff, Size: 1089 bytes --]
From 535a581ad580c25df1b82a3b3215fa4bc0a0bfdd Mon Sep 17 00:00:00 2001
From: dataCobra <datacobra@thinkbot.de>
Date: Tue, 9 Aug 2022 14:32:09 +0200
Subject: [PATCH] gnutls: update to 3.7.7.
Fix: CVE-2022-2509
---
srcpkgs/gnutls/template | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/srcpkgs/gnutls/template b/srcpkgs/gnutls/template
index 228bd0334166..d8ea09e85f42 100644
--- a/srcpkgs/gnutls/template
+++ b/srcpkgs/gnutls/template
@@ -1,6 +1,6 @@
# Template file for 'gnutls'
pkgname=gnutls
-version=3.7.6
+version=3.7.7
revision=1
build_style=gnu-configure
configure_args="--disable-guile --disable-static
@@ -21,7 +21,7 @@ maintainer="Orphaned <orphan@voidlinux.org>"
license="GPL-3.0-only, LGPL-2.1-or-later"
homepage="https://gnutls.org"
distfiles="https://www.gnupg.org/ftp/gcrypt/gnutls/v${version%.*}/gnutls-${version}.tar.xz"
-checksum=77065719a345bfb18faa250134be4c53bef70c1bd61f6c0c23ceb8b44f0262ff
+checksum=be9143d0d58eab64dba9b77114aaafac529b6c0d7e81de6bdf1c9b59027d2106
pre_check() {
# same as $PASS in tests/cert-tests/certtool.sh
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: gnutls: security update to 3.7.7 (CVE-2022-2509)
2022-08-09 12:40 [PR PATCH] gnutls: security update to 3.7.7 (CVE-2022-2509) dataCobra
` (2 preceding siblings ...)
2022-08-09 13:25 ` dataCobra
@ 2022-08-09 13:26 ` dataCobra
2022-08-09 14:57 ` [PR PATCH] [Merged]: gnutls: update to 3.7.7. (CVE-2022-2509) sgn
4 siblings, 0 replies; 6+ messages in thread
From: dataCobra @ 2022-08-09 13:26 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 222 bytes --]
New comment by dataCobra on void-packages repository
https://github.com/void-linux/void-packages/pull/38553#issuecomment-1209380597
Comment:
Hey @classabbyamp,
I've fixed the commit as you mentioned.
Regards,
Ben
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PR PATCH] [Merged]: gnutls: update to 3.7.7. (CVE-2022-2509)
2022-08-09 12:40 [PR PATCH] gnutls: security update to 3.7.7 (CVE-2022-2509) dataCobra
` (3 preceding siblings ...)
2022-08-09 13:26 ` dataCobra
@ 2022-08-09 14:57 ` sgn
4 siblings, 0 replies; 6+ messages in thread
From: sgn @ 2022-08-09 14:57 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 493 bytes --]
There's a merged pull request on the void-packages repository
gnutls: update to 3.7.7. (CVE-2022-2509)
https://github.com/void-linux/void-packages/pull/38553
Description:
#### Testing the changes
- I tested the changes in this PR: **briefly**
#### Local build testing
- I built this PR locally for my native architecture, (Void 5.18.16_1 x86_64 GenuineIntel)
- I built this PR locally for these architectures (if supported. mark crossbuilds):
- x86_64
- x86_64-musl (crossbuild)
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2022-08-09 14:57 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-08-09 12:40 [PR PATCH] gnutls: security update to 3.7.7 (CVE-2022-2509) dataCobra
2022-08-09 13:18 ` classabbyamp
2022-08-09 13:24 ` [PR PATCH] [Updated] " dataCobra
2022-08-09 13:25 ` dataCobra
2022-08-09 13:26 ` dataCobra
2022-08-09 14:57 ` [PR PATCH] [Merged]: gnutls: update to 3.7.7. (CVE-2022-2509) sgn
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).