|
|
@@ -4,7 +4,7 @@ Summary: GNU TLS Library
|
|
|
Summary(ja): GNU TLS ライブラリ
|
|
|
Name: gnutls
|
|
|
Version: 3.4.14
|
|
|
-Release: 1%{?_dist_release}
|
|
|
+Release: 2%{?_dist_release}
|
|
|
License: GPLv3+ and LGPLv2+
|
|
|
# The libgnutls library is LGPLv2+, utilities and remaining libraries are GPLv3+
|
|
|
Group: System Environment/Libraries
|
|
|
@@ -20,7 +20,8 @@ Patch3: gnutls-3.1.11-nosrp.patch
|
|
|
# Nothing...
|
|
|
|
|
|
# Security fixes
|
|
|
-# Nothing...
|
|
|
+# CVE-2016-7444/GNUTLS-SA-2016-3
|
|
|
+Patch2001: https://gitlab.com/gnutls/gnutls/commit/964632f37dfdfb914ebc5e49db4fa29af35b1de9.patch
|
|
|
|
|
|
BuildRoot: %{_tmppath}/%{name}-%{version}-root
|
|
|
BuildRequires: libtasn1-devel >= 4.3
|
|
|
@@ -33,6 +34,8 @@ BuildRequires: nettle-devel >= 3.1.1
|
|
|
BuildRequires: texinfo, autogen
|
|
|
BuildRequires: zlib-devel
|
|
|
Requires: zlib
|
|
|
+# for tests
|
|
|
+BuildRequires: net-tools
|
|
|
|
|
|
Requires(post): ldconfig
|
|
|
Requires(postun): ldconfig
|
|
|
@@ -152,6 +155,7 @@ This package contains Guile bindings for the library.
|
|
|
|
|
|
%patch1 -p1 -b .rpath
|
|
|
%patch3 -p1 -b .nosrp
|
|
|
+%patch2001 -p1
|
|
|
|
|
|
%build
|
|
|
export LDFLAGS="-Wl,--no-add-needed"
|
|
|
@@ -285,6 +289,11 @@ fi
|
|
|
%endif
|
|
|
|
|
|
%changelog
|
|
|
+* Thu Jan 12 2017 IWAI, Masaharu <iwaim.sub@gmail.com> 3.4.14-2
|
|
|
+- fix CVE-2016-7444; OCSP validation issue
|
|
|
+ - add Patch2001
|
|
|
+- add BR: net-tools; for test
|
|
|
+
|
|
|
* Thu Jul 7 2016 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 3.4.14-1
|
|
|
- new upstream release 3.4.14.
|
|
|
- dropped Patch100.
|
iwaim