diff options
| author | Peter Marko <peter.marko@siemens.com> | 2025-02-17 20:21:41 +0100 |
|---|---|---|
| committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2025-02-18 22:53:45 +0000 |
| commit | a4d31bb032350c2535b9168c33178303522edcca (patch) | |
| tree | 782f91fb6acfb6895ddadae9b00aa2b39948a475 /meta/recipes-devtools/rust/files/revert-link-std-statically-in-rustc_driver-feature.patch | |
| parent | 0e8a7ce0a51878da60c49152b64ca54c6c0607e6 (diff) | |
| download | poky-a4d31bb032350c2535b9168c33178303522edcca.tar.gz | |
gnutls: upgrade 3.8.8 -> 3.8.9
Solves CVE-2024-12243
Refreshed patches
License-Update: multiple changes
* https://gitlab.com/gnutls/gnutls/-/commit/a8727cdb076287d0a2098ba49d76899b4e70160e
COPYING.LESSER updated wording to latest FSF version
* https://gitlab.com/gnutls/gnutls/-/commit/75f5ea80738156b81de30ae9b482a69cf4e77e9d
LICENSE file merged to README.md
COPYING and COPYING.LESSERv2 moved to top-level directory
Release notes: https://gitlab.com/gnutls/gnutls/-/blob/3.8.9/NEWS?ref_type=tags
* Version 3.8.9 (released 2025-02-07)
** libgnutls: leancrypto was added as an interim option for PQC
The library can now be built with leancrypto instead of liboqs for
post-quantum cryptography (PQC), when configured with
--with-leancrypto option instead of --with-liboqs.
** libgnutls: Experimental support for ML-DSA signature algorithm
The library and certtool now support ML-DSA signature algorithm as
defined in FIPS 204 and based on
draft-ietf-lamps-dilithium-certificates-04. This feature is
currently marked as experimental and can only be enabled when
compiled with --with-leancrypto or --with-liboqs.
Contributed by David Dudas.
** libgnutls: Support for ML-KEM-1024 key encapsulation mechanism
The support for ML-KEM post-quantum key encapsulation mechanisms
has been extended to cover ML-KEM-1024, in addition to ML-KEM-768.
MLKEM1024 is only offered as SecP384r1MLKEM1024 hybrid as per
draft-kwiatkowski-tls-ecdhe-mlkem-03.
** libgnutls: Fix potential DoS in handling certificates with numerous name
constraints, as a follow-up of CVE-2024-12133 in libtasn1. The
bundled copy of libtasn1 has also been updated to the latest 4.20.0
release to complete the fix. Reported by Bing Shi (#1553).
[GNUTLS-SA-2025-02-07, CVSS: medium] [CVE-2024-12243]
** API and ABI modifications:
GNUTLS_PK_MLDSA44: New enum member of gnutls_pk_algorithm_t
GNUTLS_PK_MLDSA65: New enum member of gnutls_pk_algorithm_t
GNUTLS_PK_MLDSA87: New enum member of gnutls_pk_algorithm_t
GNUTLS_SIGN_MLDSA44: New enum member of gnutls_sign_algorithm_t
GNUTLS_SIGN_MLDSA65: New enum member of gnutls_sign_algorithm_t
GNUTLS_SIGN_MLDSA87: New enum member of gnutls_sign_algorithm_t
(From OE-Core rev: 4313d931673dd86aaf590c68f7b1fa364d752740)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-devtools/rust/files/revert-link-std-statically-in-rustc_driver-feature.patch')
0 files changed, 0 insertions, 0 deletions