gnutls: fixed CVE-2020-13777

GnuTLS 3.6.x before 3.6.14 uses incorrect cryptography for encrypting a session ticket Backport the patch from upstream: https://gitlab.com/gnutls/gnutls.git commit c2646aeee94e71cb15c90a3147cf3b5b0ca158ca commit 50ad8778a81f9421effa4c5a3b457f98e559b178 commit 3d7fae761e65e9d0f16d7247ee8a464d4fe002da (From OE-Core rev: 86870cd2ff3555161ea5bb434740338ec20495a0) Signed-off-by: Haiqing Bai <Haiqing.Bai@windriver.com> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: haiqing <haiqing.bai@windriver.com> 2020-06-15 16:15:24 +0800
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2020-07-08 10:47:50 +0100
commit: 577f1b0b2fba641106959758cd59250ea38d0a64 (patch)
tree: bbe63c0c7a29f4e31d649e6fb8f9392047043732 /meta/recipes-support/gnutls/gnutls_3.6.13.bb
parent: 4e90fb17b129b7a5df584799ec9629474362d50c (diff)
download: poky-577f1b0b2fba641106959758cd59250ea38d0a64.tar.gz
1 files changed, 3 insertions, 0 deletions
diff --git a/meta/recipes-support/gnutls/gnutls_3.6.13.bb b/meta/recipes-support/gnutls/gnutls_3.6.13.bb
index f56d42a613..ab537981ac 100644
--- a/meta/recipes-support/gnutls/gnutls_3.6.13.bb
+++ b/meta/recipes-support/gnutls/gnutls_3.6.13.bb
@@ -19,6 +19,9 @@ SHRT_VER = "${@d.getVar('PV').split('.')[0]}.${@d.getVar('PV').split('.')[1]}"
 SRC_URI = "https://www.gnupg.org/ftp/gcrypt/gnutls/v${SHRT_VER}/gnutls-${PV}.tar.xz \
           file://arm_eabi.patch \
+           file://CVE-2020-13777-a.patch \
+           file://CVE-2020-13777-b.patch \
+           file://CVE-2020-13777-c.patch \
 "
 SRC_URI[md5sum] = "bb1fe696a11543433785b4fc70ca225f"
author	haiqing <haiqing.bai@windriver.com>	2020-06-15 16:15:24 +0800
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2020-07-08 10:47:50 +0100
commit	577f1b0b2fba641106959758cd59250ea38d0a64 (patch)
tree	bbe63c0c7a29f4e31d649e6fb8f9392047043732 /meta/recipes-support/gnutls/gnutls_3.6.13.bb
parent	4e90fb17b129b7a5df584799ec9629474362d50c (diff)
download	poky-577f1b0b2fba641106959758cd59250ea38d0a64.tar.gz

diff --git a/meta/recipes-support/gnutls/gnutls_3.6.13.bb b/meta/recipes-support/gnutls/gnutls_3.6.13.bb index f56d42a613..ab537981ac 100644 --- a/meta/recipes-support/gnutls/gnutls_3.6.13.bb +++ b/meta/recipes-support/gnutls/gnutls_3.6.13.bb
@@ -19,6 +19,9 @@ SHRT_VER = "${@d.getVar('PV').split('.')[0]}.${@d.getVar('PV').split('.')[1]}"
19		19
20	SRC_URI = "https://www.gnupg.org/ftp/gcrypt/gnutls/v${SHRT_VER}/gnutls-${PV}.tar.xz \	20	SRC_URI = "https://www.gnupg.org/ftp/gcrypt/gnutls/v${SHRT_VER}/gnutls-${PV}.tar.xz \
21	file://arm_eabi.patch \	21	file://arm_eabi.patch \
		22	file://CVE-2020-13777-a.patch \
		23	file://CVE-2020-13777-b.patch \
		24	file://CVE-2020-13777-c.patch \
22	"	25	"
23		26
24	SRC_URI[md5sum] = "bb1fe696a11543433785b4fc70ca225f"	27	SRC_URI[md5sum] = "bb1fe696a11543433785b4fc70ca225f"