packages/gnutls
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!166 fix CVE-2024-12243

Browse Source 
From: @fangxiuning 
Reviewed-by: @zcfsite 
Signed-off-by: @zcfsite
This commit is contained in:
openeuler-ci-bot 2025-02-14 06:56:18 +00:00 committed by Gitee
commit da52993774
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
2 changed files with 1164 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1159
backport-CVE-2024-12243-x509-optimize-name-constraints-processing.patch Normal file
View File

File diff suppressed because it is too large Load Diff

6
gnutls.spec
View File

@ -1,6 +1,6 @@
Name: gnutls
Version: 3.7.2
Release: 15
Release: 16
Summary: The GNU Secure Communication Protocol Library
License: LGPLv2.1+ and GPLv3+
@ -23,6 +23,7 @@ Patch12: backport-x509-fix-thread-safety-in-gnutls_x509_trust_list_ver.patch
Patch13: backport-Fix-removal-of-duplicate-certs-during-verification.patch
Patch14: backport-lib-suppress-false-positive-Wanalyzer-out-of-bounds.patch
Patch15: backport-fix-CVE-2024-28835-gnutls_x509_trust_list_verify_crt2-remove-length-lim.patch
Patch16: backport-CVE-2024-12243-x509-optimize-name-constraints-processing.patch
%bcond_without dane
%bcond_with guile
@ -229,6 +230,9 @@ make check %{?_smp_mflags}
%endif
%changelog
* Thu Feb 13 2025 fangxiuning <fangxiuning@huawei.com> - 3.7.2-16
- fix CVE-2024-12243
* Thu Apr 18 2024 fangxiuning <fangxiuning@huawei.com> - 3.7.2-15
- fix CVE-2024-28835