[Buildroot] [PATCH] gnutls: security bump to version 3.5.10

Peter Korsgaard peter at korsgaard.com
Tue Mar 7 15:10:43 UTC 2017


>>>>> "Thomas" == Thomas Petazzoni <thomas.petazzoni at free-electrons.com> writes:

 > Hello,
 > On Mon,  6 Mar 2017 11:55:06 -0300, Gustavo Zacarias wrote:
 >> Fixes:
 >> GNUTLS-SA-2017-3A - Addressed integer overflow resulting to invalid
 >> memory write in OpenPGP certificate parsing.
 >> GNUTLS-SA-2017-3B - Addressed crashes in OpenPGP certificate parsing,
 >> related to private key parser. No longer allow OpenPGP certificates
 >> (public keys) to contain private key sub-packets.
 >> GNUTLS-SA-2017-3C - Addressed large allocation in OpenPGP certificate
 >> parsing, that could lead in out-of-memory condition.
 >> 
 >> Signed-off-by: Gustavo Zacarias <gustavo at zacarias.com.ar>
 >> ---
 >> package/gnutls/gnutls.hash | 2 +-
 >> package/gnutls/gnutls.mk   | 2 +-
 >> 2 files changed, 2 insertions(+), 2 deletions(-)

 > Applied to master, thanks. Peter: we want this one for LTS I guess.

Committed to 2017.02.x, thanks.

-- 
Bye, Peter Korsgaard


More information about the buildroot mailing list