packages/gnutls
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix CVE-2024-12243

Browse Source 
Signed-off-by: xuraoqing <xuraoqing@huawei.com>
This commit is contained in:
xuraoqing 2025-02-13 12:41:30 +08:00
parent be58e26ecd
commit 63b6026027
2 changed files with 1164 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1159
backport-CVE-2024-12243-x509-optimize-name-constraints-processing.patch Normal file
View File

File diff suppressed because it is too large Load Diff

6
gnutls.spec
View File

@ -1,6 +1,6 @@
Name: gnutls Name: gnutls
Version: 3.7.2 Version: 3.7.2
Release: 14 Release: 15
Summary: The GNU Secure Communication Protocol Library Summary: The GNU Secure Communication Protocol Library
License: LGPLv2.1+ and GPLv3+ License: LGPLv2.1+ and GPLv3+
@ -23,6 +23,7 @@ Patch12: backport-add-gnulib-files.patch
Patch13: backport-Fix-removal-of-duplicate-certs-during-verification.patch Patch13: backport-Fix-removal-of-duplicate-certs-during-verification.patch
Patch14: backport-lib-suppress-false-positive-Wanalyzer-out-of-bounds.patch Patch14: backport-lib-suppress-false-positive-Wanalyzer-out-of-bounds.patch
Patch15: backport-fix-CVE-2024-28835-gnutls_x509_trust_list_verify_crt2-remove-length-lim.patch Patch15: backport-fix-CVE-2024-28835-gnutls_x509_trust_list_verify_crt2-remove-length-lim.patch
Patch16: backport-CVE-2024-12243-x509-optimize-name-constraints-processing.patch
%bcond_without dane %bcond_without dane
%bcond_with guile %bcond_with guile
@ -229,6 +230,9 @@ make check %{?_smp_mflags}
%endif %endif
%changelog %changelog
* Thu Feb 13 2025 xuraoqing <xuraoqing@huawei.com> - 3.7.2-15
- fix CVE-2024-12243
* Wed Apr 17 2024 xuraoqing <xuraoqing@huawei.com> - 3.7.2-14 * Wed Apr 17 2024 xuraoqing <xuraoqing@huawei.com> - 3.7.2-14
- fix CVE-2024-28835 - fix CVE-2024-28835