diff options
author | Gustavo Zacarias <gustavo@zacarias.com.ar> | 2014-11-10 09:48:01 -0300 |
---|---|---|
committer | Peter Korsgaard <peter@korsgaard.com> | 2014-11-10 14:13:49 +0100 |
commit | caf2b2ba6b1896c6f0d5751fca84d48607497b04 (patch) | |
tree | af2cc6ab617bdb017525650a2cc7214e33535f9d /package/gnutls/gnutls.mk | |
parent | 7b640487366b2d0e0347601634f73948ac76dc27 (diff) | |
download | buildroot-caf2b2ba6b1896c6f0d5751fca84d48607497b04.tar.gz buildroot-caf2b2ba6b1896c6f0d5751fca84d48607497b04.zip |
gnutls: security bump to version 3.2.20
Fixes:
CVE-2014-8564 / GNUTLS-SA-2014-5 - Sean Burford reported that the
encoding of elliptic curves parameters GnuTLS 3 is vulnerable to a
denial of service (heap corruption). It affects clients and servers
which print information about the peer's certificate, e.g., the key ID,
and can be exploited via a specially crafted X.509 certificate.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Diffstat (limited to 'package/gnutls/gnutls.mk')
-rw-r--r-- | package/gnutls/gnutls.mk | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/package/gnutls/gnutls.mk b/package/gnutls/gnutls.mk index efc933eee7..06ca26554f 100644 --- a/package/gnutls/gnutls.mk +++ b/package/gnutls/gnutls.mk @@ -5,7 +5,7 @@ ################################################################################ GNUTLS_VERSION_MAJOR = 3.2 -GNUTLS_VERSION = $(GNUTLS_VERSION_MAJOR).19 +GNUTLS_VERSION = $(GNUTLS_VERSION_MAJOR).20 GNUTLS_SOURCE = gnutls-$(GNUTLS_VERSION).tar.xz GNUTLS_SITE = ftp://ftp.gnutls.org/gcrypt/gnutls/v$(GNUTLS_VERSION_MAJOR) GNUTLS_LICENSE = GPLv3+ LGPLv2.1+ |