Update to 3.6.7

- Fixed CVE-2019-3836 (#1693214) - Fixed CVE-2019-3829 (#1693210) Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
2019-03-27 13:28:07 +01:00 · 2019-03-27 13:28:07 +01:00 · 06571b6b92
commit 06571b6b92
parent 35567a4b6a
5 changed files with 15 additions and 23 deletions
--- a/.gitignore
+++ b/.gitignore
@ -105,3 +105,5 @@ gnutls-2.10.1-nosrp.tar.bz2
 /gnutls-3.6.5.tar.xz
 /gnutls-3.6.6.tar.xz
 /gnutls-3.6.6.tar.xz.sig
+/gnutls-3.6.7.tar.xz
+/gnutls-3.6.7.tar.xz.sig
--- a/gnutls-3.6.6-use-old-guile.patch
+++ b/gnutls-3.6.6-use-old-guile.patch
@ -1,12 +0,0 @@
-diff --git a/configure.ac b/configure.ac
-index ea6f39c53..7568363ef 100644
--- a/configure.ac
-+++ b/configure.ac
-@@ -859,6 +859,7 @@ if test "$opt_guile_bindings" = "yes"; then
-       AC_PATH_PROG([GUILD], [guild])
-       AC_SUBST([GUILD])
- 
-+      GUILE_PKG
-       GUILE_PROGS
-       GUILE_FLAGS
- 
--- a/gnutls-3.6.7-no-now-guile.patch
+++ b/gnutls-3.6.7-no-now-guile.patch
@ -1,11 +1,9 @@
-diff --git a/guile/src/Makefile.in b/guile/src/Makefile.in
-index 3e4f547..6ffec0e 100644
--- a/guile/src/Makefile.in
-+++ b/guile/src/Makefile.in
-@@ -1430,7 +1430,7 @@ guileextension_LTLIBRARIES = guile-gnutls-v-2.la
+--- a/guile/src/Makefile.in	2019-03-27 11:51:55.984398001 +0100
+++ b/guile/src/Makefile.in	2019-03-27 11:52:27.259626076 +0100
+@@ -1472,7 +1472,7 @@
 # Use '-module' to build a "dlopenable module", in Libtool terms.
 # Use '-undefined' to placate Libtool on Windows; see
- # <http://lists.gnutls.org/pipermail/gnutls-devel/2014-December/007294.html>.
+ # <https://lists.gnutls.org/pipermail/gnutls-devel/2014-December/007294.html>.
 -guile_gnutls_v_2_la_LDFLAGS = -module -no-undefined
 +guile_gnutls_v_2_la_LDFLAGS = -module -no-undefined -Wl,-z,lazy
 
--- a/gnutls.spec
+++ b/gnutls.spec
@ -1,9 +1,8 @@
 # This spec file has been automatically updated
-Version:	3.6.6
+Version:	3.6.7
 Release: 1%{?dist}
 Patch1:	gnutls-3.2.7-rpath.patch
-Patch2:	gnutls-3.6.4-no-now-guile.patch
-Patch3: gnutls-3.6.6-use-old-guile.patch
+Patch2:	gnutls-3.6.7-no-now-guile.patch
 %bcond_without dane
 %if 0%{?rhel}
 %bcond_with guile
@ -271,6 +270,11 @@ make check %{?_smp_mflags}
 %endif

 %changelog
+* Wed Mar 27 2019 Anderson Toshiyuki Sasaki <ansasaki@redhat.com> - 3.6.7-1
+- Update to upstream 3.6.7 release
+- Fixed CVE-2019-3836 (#1693214)
+- Fixed CVE-2019-3829 (#1693210)
+
 * Fri Feb  1 2019 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.6.6-1
 - Update to upstream 3.6.6 release

--- a/4
+++ b/4
@ -1,3 +1,3 @@
-SHA512 (gnutls-3.6.6.tar.xz) = 4ff34f38d7dc543bc5750d8fdfe9be84af60c66e8d41da45f6cffc11d6c6c726784fd2d471b3416604ca1f3f9efb22ff7a290d5c92c96deda38df6ae3e794cc1
-SHA512 (gnutls-3.6.6.tar.xz.sig) = 7fb484a62775804dfd7b200b4a55cb07406e91a52c2c90fb779777b757b87c8ce7df0fa92dc7639891bca68eba5d2a66580c2a1734f8b884b9f5254e2e5e3012
+SHA512 (gnutls-3.6.7.tar.xz) = ae9b8996eb9b7269d28213f0aca3a4a17890ba8d47e3dc3b8e754ab8e2b4251e9412aaaa161a8bf56167f04cc169b4cada46f55a7bde92b955eb36cd717a99f3
+SHA512 (gnutls-3.6.7.tar.xz.sig) = fd397cab1f658053d52cdd214a9d816262993b572cd4b623f3e276fd6759e2e620bd3f27d5a749a2b066173c6c39fcc357225d3136996b99e2f88d268aef5baf
 SHA512 (gpgkey-1F42418905D8206AA754CCDC29EE58B996865171.gpg) = 3b1989dc6a64d1140f83a2af0773da2adb03c50d97b6da7357cf09525050651aafa21131f1e3180baa540a8af922119a256f5ff5bcd6602996a806e8e1816bad