[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#27308: [PATCH] gnu: gnutls: Replace with 3.5.13.

From: Ludovic Courtès
Subject: bug#27308: [PATCH] gnu: gnutls: Replace with 3.5.13.
Date: Sat, 10 Jun 2017 16:29:44 +0200
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/25.2 (gnu/linux)

Hi Marius,

Marius Bakke <address@hidden> skribis:

> This update addresses the following security advisories:
> GNUTLS-SA-2017-3 (aka CVE-2017-7869) and GNUTLS-SA-2017-4.
> These links contain more information about the vulnerabilities and releases:
> * gnu/packages/patches/gnutls-skip-pkgconfig-test.patch,
> gnu/packages/patches/gnutls-skip-trust-store-test.patch: New files.
> * gnu/ (dist_patch_DATA): Register patches.
> * gnu/packages/tls.scm (gnutls)[replacement]: New field.
> (gnutls-3.5.13): New variable.

Assuming binary compatibility, that looks good to me.

While you’re at it, could you update GnuTLS in ‘core-updates’?

For the trust-store.c test, we could ask upstream to arrange so that the
test is skipped when the trust store doesn’t exist; would the test still
make sense?


reply via email to

[Prev in Thread] Current Thread [Next in Thread]