[Buildroot] [PATCH] gnutls: security bump to version 3.5.8
Peter Korsgaard
peter at korsgaard.com
Mon Jan 9 15:49:33 UTC 2017
>>>>> "Gustavo" == Gustavo Zacarias <gustavo at zacarias.com.ar> writes:
> The 3.5.x has been promoted to stable, hence 3.4.x is deprecated and
> 3.3.x kept as old-stable.
>
> libdane now specifies LGPLv2.1+ so drop the README kludge (which is also
> gone regarding licensing).
>
> libunistring is a new dependency, even though gnutls ships a builtin version
> we prefer to use unbundled to avoid duplication with other users and target
> size growth.
>
> Fixes:
>
> GNUTLS-SA-2017-01 - It was found using the OSS-FUZZ fuzzer
> infrastructure that decoding a specially crafted X.509 certificate with
> Proxy Certificate Information extension present could lead to a double
> free.
>
> GNUTLS-SA-2017-02 - It was found using the OSS-FUZZ fuzzer
> infrastructure that decoding a specially crafted OpenPGP certificate
> could lead to heap and stack overflows.
>
> Signed-off-by: Gustavo Zacarias <gustavo at zacarias.com.ar>
Committed, thanks.
--
Bye, Peter Korsgaard