gnutls35: 3.5.5 -> 3.5.8

Fixes the following security issues: * CVE-2017-5334 * CVE-2017-5335 * CVE-2017-5336 * CVE-2017-5337 See https://www.gnutls.org/news.html#2017-01-09 for more information.
2024-09-21 04:49:01 +02:00 · 2017-01-11 06:19:04 +01:00 · 2017-01-11 06:19:04 +01:00 · 85ac790666
parent 7165b38908
commit 85ac790666
2 changed files with 9 additions and 5 deletions
--- a/pkgs/development/libraries/gnutls/3.5.nix
+++ b/pkgs/development/libraries/gnutls/3.5.nix
@ -1,10 +1,12 @@
-{ callPackage, fetchurl, autoreconfHook, ... } @ args:
+{ callPackage, fetchurl, libunistring, ... } @ args:

 callPackage ./generic.nix (args // rec {
-  version = "3.5.5";
+  version = "3.5.8";

  src = fetchurl {
    url = "ftp://ftp.gnutls.org/gcrypt/gnutls/v3.5/gnutls-${version}.tar.xz";
-    sha256 = "0ag5q3dfxzv0dmqy7q0a8y74yc3m5yzvjrp324l6vqafh3klz6c6";
+    sha256 = "1zyl2z63s68hx1dpxqx0lykmlf3rwrzlrf44sq3h7dvjmr1z55qf";
  };
+
+  buildInputs = [ libunistring ];
 })
--- a/pkgs/development/libraries/gnutls/generic.nix
+++ b/pkgs/development/libraries/gnutls/generic.nix
@ -4,6 +4,7 @@

 # Version dependent args
 , version, src, patches ? [], postPatch ? "", nativeBuildInputs ? []
+, buildInputs ? []
 , ...}:

 assert guileBindings -> guile != null;
@ -41,7 +42,8 @@ stdenv.mkDerivation {
    ++ lib.optional (stdenv.isFreeBSD || stdenv.isDarwin) libiconv
    ++ lib.optional (tpmSupport && stdenv.isLinux) trousers
    ++ [ unbound ]
-    ++ lib.optional guileBindings guile;
+    ++ lib.optional guileBindings guile
+    ++ buildInputs;

  nativeBuildInputs = [ perl pkgconfig ] ++ nativeBuildInputs;

@ -75,7 +77,7 @@ stdenv.mkDerivation {

    homepage = http://www.gnu.org/software/gnutls/;
    license = licenses.lgpl21Plus;
-    maintainers = with maintainers; [ eelco wkennington ];
+    maintainers = with maintainers; [ eelco wkennington fpletz ];
    platforms = platforms.all;
  };
 }