From 2ff530ec537948714067429f66c5d6678f2d1055 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Vladim=C3=ADr=20=C4=8Cun=C3=A1t?= Date: Mon, 21 Jan 2019 17:53:12 +0100 Subject: [PATCH] gnutls: 3.6.2 -> 3.6.5 No security problems have been published about 3.6.x so far, but I'd certainly count the almost-transparent TLS 1.3 support as a security improvement. --- pkgs/development/libraries/gnutls/3.6.nix | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/pkgs/development/libraries/gnutls/3.6.nix b/pkgs/development/libraries/gnutls/3.6.nix index 7fb1af70a289..4ec93cf26a86 100644 --- a/pkgs/development/libraries/gnutls/3.6.nix +++ b/pkgs/development/libraries/gnutls/3.6.nix @@ -1,20 +1,22 @@ { callPackage, fetchurl, ... } @ args: callPackage ./generic.nix (args // rec { - version = "3.6.2"; + version = "3.6.5"; src = fetchurl { url = "mirror://gnupg/gnutls/v3.6/gnutls-${version}.tar.xz"; - sha256 = "07wdffklwmxpa9i50sh5nwrc5ajb47skrldm6rzjc0jf4dxxpmdw"; + sha256 = "0ddvg97dyrh8dkffv1mdc0knxx5my3qdbzv97s4a6jggmk9wwgh7"; # 3.6.5 }; - # Skip two tests introduced in 3.5.11. Probable reasons of failure: - # - pkgconfig: building against the result won't work before installing - # - trust-store: default trust store path (/etc/ssl/...) is missing in sandbox + # Skip some tests: + # - pkgconfig: building against the result won't work before installing (3.5.11) + # - fastopen: no idea; it broke between 3.6.2 and 3.6.3 (3437fdde6 in particular) + # - trust-store: default trust store path (/etc/ssl/...) is missing in sandbox (3.5.11) + # - psk-file: no idea; it broke between 3.6.3 and 3.6.4 # Change p11-kit test to use pkg-config to find p11-kit postPatch = '' - sed '2iexit 77' -i tests/pkgconfig.sh - sed '/^void doit(void)/,$s/{/{ exit(77);/; t' -i tests/trust-store.c + sed '2iexit 77' -i tests/{pkgconfig,fastopen}.sh + sed '/^void doit(void)/,/^{/ s/{/{ exit(77);/' -i tests/{trust-store,psk-file}.c sed 's:/usr/lib64/pkcs11/ /usr/lib/pkcs11/ /usr/lib/x86_64-linux-gnu/pkcs11/:`pkg-config --variable=p11_module_path p11-kit-1`:' -i tests/p11-kit-trust.sh ''; })