packages/gnutls
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!161 fix CVE-2024-12243

Browse Source 
From: @xuraoqing 
Reviewed-by: @zcfsite 
Signed-off-by: @zcfsite
This commit is contained in:
openeuler-ci-bot 2025-02-14 06:54:59 +00:00 committed by Gitee
commit a62765ef3a
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
2 changed files with 1156 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1151
backport-CVE-2024-12243-x509-optimize-name-constraints-processing.patch Normal file
View File

File diff suppressed because it is too large Load Diff

6
gnutls.spec
View File

@ -1,6 +1,6 @@
Name: gnutls
Version: 3.8.2
Release: 4
Release: 5
Summary: The GNU Secure Communication Protocol Library
License: LGPLv2.1+ and GPLv3+
@ -13,6 +13,7 @@ Patch1: backport-CVE-2024-0553-rsa-psk-minimize-branching-after-decryption.patch
Patch2: backport-CVE-2024-0567-x509-detect-loop-in-certificate-chain.patch
Patch3: backport-fix-CVE-2024-28834-nettle-avoid-normalization-of-mpz_t-in-deterministic.patch
Patch4: backport-fix-CVE-2024-28835-gnutls_x509_trust_list_verify_crt2-remove-length-lim.patch
Patch5: backport-CVE-2024-12243-x509-optimize-name-constraints-processing.patch
%bcond_without dane
%bcond_with guile
@ -245,6 +246,9 @@ make check %{?_smp_mflags}
%endif
%changelog
* Thu Feb 13 2025 xuraoqing <xuraoqing@huawei.com> - 3.8.2-5
- fix CVE-2024-12243
* Fri Mar 22 2024 wangyaoyong <yaoyong.oerv@isrc.iscas.ac.cn> - 3.8.2-4
- support change CC to compile with clang