[pkgsrc/pkgsrc-2009Q1]: pkgsrc/security/gnutls Pullup ticket 2756 - requested...

[spz <spz%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/950da1d307af
branches:  pkgsrc-2009Q1
changeset: 556808:950da1d307af
user:      spz <spz%pkgsrc.org@localhost>
date:      Wed May 06 09:34:11 2009 +0000

description:
Pullup ticket 2756 - requested by tnn
Security fix

Revisions pulled up:
- pkgsrc/security/gnutls/Makefile               1.80
- pkgsrc/security/gnutls/distinfo               1.54

   Module Name: pkgsrc
   Committed By:        wiz
   Date:                Mon Apr 20 13:11:57 UTC 2009

   Modified Files:
        pkgsrc/security/gnutls: Makefile distinfo

   Log Message:
   Update to 2.6.5. Update commented out LICENSE (needs two).

   * Version 2.6.5 (released 2009-04-11)

   ** libgnutls: Added %SSL3_RECORD_VERSION priority string that allows to
   specify the client hello message record version. Used to overcome buggy
   TLS servers. Report by Martin von Gagern.

   ** GnuTLS no longer uses the libtasn1-config script to find libtasn1.
   Libtasn1 0.3.4 or later is required.  This is to align with the
   upcoming libtasn1 v2.0 release that doesn't have a libtasn1-script.

   ** API and ABI modifications:
   No changes since last version.


   To generate a diff of this commit:
   cvs rdiff -u -r1.77 -r1.78 pkgsrc/security/gnutls/Makefile
   cvs rdiff -u -r1.52 -r1.53 pkgsrc/security/gnutls/distinfo


   Module Name: pkgsrc
   Committed By:        zafer
   Date:                Fri May  1 13:49:07 UTC 2009

   Modified Files:
        pkgsrc/security/gnutls: Makefile

   Log Message:
   replace non working mirrors with working ones.


   To generate a diff of this commit:
   cvs rdiff -u -r1.78 -r1.79 pkgsrc/security/gnutls/Makefile


   Module Name: pkgsrc
   Committed By:        tnn
   Date:                Sat May  2 20:04:33 UTC 2009

   Modified Files:
        pkgsrc/security/gnutls: Makefile distinfo

   Log Message:
   Update to gnutls-2.6.6.

   * Version 2.6.6 (released 2009-04-30)

   libgnutls: Corrected double free on signature verification failure.
     Reported by Miroslav Kratochvil.  See the advisory
     for more details.  [GNUTLS-SA-2009-1] [CVE-2009-1415]

   libgnutls: Fix DSA key generation.
     Noticed when investigating the previous GNUTLS-SA-2009-1 problem.  All
     DSA keys generated using GnuTLS 2.6.x are corrupt.  See the advisory
     for more details.  [GNUTLS-SA-2009-2] [CVE-2009-1416]


   To generate a diff of this commit:
   cvs rdiff -u -r1.79 -r1.80 pkgsrc/security/gnutls/Makefile
   cvs rdiff -u -r1.53 -r1.54 pkgsrc/security/gnutls/distinfo

diffstat:

 security/gnutls/Makefile |  17 ++++++++---------
 security/gnutls/distinfo |   8 ++++----
 2 files changed, 12 insertions(+), 13 deletions(-)

diffs (65 lines):

diff -r 722c1a837fb7 -r 950da1d307af security/gnutls/Makefile
--- a/security/gnutls/Makefile  Tue May 05 09:39:28 2009 +0000
+++ b/security/gnutls/Makefile  Wed May 06 09:34:11 2009 +0000
@@ -1,17 +1,17 @@
-# $NetBSD: Makefile,v 1.77 2009/02/21 13:45:31 wiz Exp $
+# $NetBSD: Makefile,v 1.77.2.1 2009/05/06 09:34:11 spz Exp $
 
-DISTNAME=      gnutls-2.6.4
+DISTNAME=      gnutls-2.6.6
 CATEGORIES=    security devel
 MASTER_SITES=  ftp://ftp.gnutls.org/pub/gnutls/ \
-               http://www.mirrors.wiretapped.net/security/network-security/gnutls/ \
-               ftp://ftp.mirrors.wiretapped.net/pub/security/network-security/gnutls/ \
+               ftp://ftp.gnupg.org/gcrypt/gnutls/ \
                ${MASTER_SITE_GNU:=gnutls/}
 EXTRACT_SUFX=  .tar.bz2
 
 MAINTAINER=    pkgsrc-users%NetBSD.org@localhost
 HOMEPAGE=      http://www.gnutls.org/
 COMMENT=       GNU Transport Layer Security library
-#LICENSE=      gnu-gpl-v2 gnu-lgpl-v2.1
+
+#LICENSE=      gnu-gpl-v3 AND gnu-lgpl-v2.1
 
 PKG_INSTALLATION_TYPES=        overwrite pkgviews
 PKG_DESTDIR_SUPPORT=   user-destdir
@@ -27,10 +27,6 @@
 PKGCONFIG_OVERRIDE=    lib/gnutls.pc.in
 PKGCONFIG_OVERRIDE+=   libextra/gnutls-extra.pc.in
 
-BUILDLINK_API_DEPENDS.opencdk+=                opencdk>=0.6.5
-BUILDLINK_API_DEPENDS.libtasn1+=       libtasn1>=0.3.4
-BUILDLINK_API_DEPENDS.libgcrypt+=      libgcrypt>=1.2.4
-
 MAKE_ENV+=             RM=${RM:Q}
 MAKE_ENV+=             TZ=UTC
 
@@ -51,8 +47,11 @@
 .include "../../devel/gettext-lib/buildlink3.mk"
 .include "../../devel/libcfg+/buildlink3.mk"
 .include "../../devel/zlib/buildlink3.mk"
+BUILDLINK_API_DEPENDS.libgcrypt+=      libgcrypt>=1.2.4
 .include "../../security/libgcrypt/buildlink3.mk"
+BUILDLINK_API_DEPENDS.libtasn1+=       libtasn1>=0.3.4
 .include "../../security/libtasn1/buildlink3.mk"
+BUILDLINK_API_DEPENDS.opencdk+=                opencdk>=0.6.5
 .include "../../security/opencdk/buildlink3.mk"
 # guile is useful for selftests, but bindings should be separate pkgs
 #.include "../../lang/guile/buildlink3.mk"
diff -r 722c1a837fb7 -r 950da1d307af security/gnutls/distinfo
--- a/security/gnutls/distinfo  Tue May 05 09:39:28 2009 +0000
+++ b/security/gnutls/distinfo  Wed May 06 09:34:11 2009 +0000
@@ -1,8 +1,8 @@
-$NetBSD: distinfo,v 1.52 2009/02/21 13:45:31 wiz Exp $
+$NetBSD: distinfo,v 1.52.2.1 2009/05/06 09:34:11 spz Exp $
 
-SHA1 (gnutls-2.6.4.tar.bz2) = 11dd1e11599906a32b3ff92308f4c4dbaadbad58
-RMD160 (gnutls-2.6.4.tar.bz2) = 771fd64026df69d770a0a681141591b21f9be751
-Size (gnutls-2.6.4.tar.bz2) = 5115205 bytes
+SHA1 (gnutls-2.6.6.tar.bz2) = d1693e611aa7270f14bc500bd56ef529ffcb1703
+RMD160 (gnutls-2.6.6.tar.bz2) = dc6e717e38741628508208244f07fed8faedb13c
+Size (gnutls-2.6.6.tar.bz2) = 5116385 bytes
 SHA1 (patch-aa) = 8e9ea317342d584fb6f931f96458cc3d7d747ca0
 SHA1 (patch-ab) = 17605f0d3b1895c1c63c8dabc21bdebf95eb7785
 SHA1 (patch-ae) = f505476ce0477dc547e8698d205d6ba26fe85f48