Sophie

Sophie

distrib > Scientific%20Linux > 5x > x86_64 > by-pkgid > 488f7d353752a24f1cc3f6fc2e121835 > files > 18

gnutls-1.4.1-10.el5_9.1.src.rpm

Summary: A TLS protocol implementation.
Name: gnutls
Version: 1.4.1
Release: 10%{?dist}.1
License: LGPL
Group: System Environment/Libraries
BuildRequires: libgcrypt-devel >= 1.2.2, gettext
BuildRequires: zlib-devel, readline-devel, libtermcap-devel
#BuildPrereq: libtasn1-devel
#BuildPrereq: opencdk-devel
URL: http://www.gnutls.org/
#Source0: ftp://ftp.gnutls.org/pub/gnutls/devel/%{name}-%{version}.tar.gz
#Source1: ftp://ftp.gnutls.org/pub/gnutls/devel/%{name}-%{version}.tar.gz.sig
# XXX patent tainted SRP code removed.
Source0: %{name}-%{version}-nosrp.tar.bz2
Source1: libgnutls-config
Patch0: gnutls-1.4.0-nosrp.patch
Patch1: gnutls-1.4.1-enable-psk.patch
Patch3: gnutls-1.4.2-cve-2006-4790.patch
Patch4: gnutls-1.4.1-sa-2008-1.patch
Patch5: gnutls-1.4.1-cve-2008-4989.patch
Patch6: gnutls-1.4.1-cve-2009-2730.patch
Patch7: gnutls-1.4.1-cve-2009-2409.patch
Patch8: gnutls-1.4.1-cve-2009-3555.patch
Patch9: gnutls-1.4.1-tolerant-client.patch
Patch10: gnutls-1.4.1-client-crash.patch
Patch11: gnutls-1.4.1-cve-2011-4128.patch
Patch12: gnutls-1.4.1-cve-2012-1569.patch
Patch13: gnutls-1.4.1-cve-2012-1573.patch
Patch14: gnutls-1.4.1-certtool-request.patch
Patch15: gnutls-1.4.1-subject-dn.patch
Patch16: gnutls-1.4.1-cve-2013-1619.patch
BuildRoot: %{_tmppath}/%{name}-root
Requires: libgcrypt >= 1.2.2

%package devel
Summary: Development files for the %{name} package.
Group: Development/Libraries
Requires: %{name} = %{version}-%{release}
Requires: libgcrypt-devel
Requires: zlib-devel
Requires: pkgconfig

%package utils
Summary: Command line tools for TLS protocol.
Group: Applications/System
Requires: %{name} = %{version}-%{release}

%description
GnuTLS is a project that aims to develop a library which provides a secure 
layer, over a reliable transport layer. Currently the GnuTLS library implements
the proposed standards by the IETF's TLS working group.

%description devel
GnuTLS is a project that aims to develop a library which provides a secure
layer, over a reliable transport layer. Currently the GnuTLS library implements
the proposed standards by the IETF's TLS working group.
This package contains files needed for developing applications with
the GnuTLS library.

%description utils
GnuTLS is a project that aims to develop a library which provides a secure
layer, over a reliable transport layer. Currently the GnuTLS library implements
the proposed standards by the IETF's TLS working group.
This package contains command line TLS client and server and certificate
manipulation tools.

%prep
%setup -q
%patch0 -p1 -b .nosrp
%patch1 -p1 -b .enable-psk
%patch3 -p1 -b .no-params
%patch4 -p1 -b .sa-2008-1
%patch5 -p1 -b .chain-verify
%patch6 -p1 -b .decoding
%patch7 -p1 -b .nomd2
%patch8 -p1 -b .reneg
%patch9 -p1 -b .tolerant
%patch10 -p1 -b .crash
%patch11 -p1 -b .data-size
%patch12 -p1 -b .length-check
%patch13 -p1 -b .packet
%patch14 -p1 -b .request
%patch15 -p1 -b .subject-dn
%patch16 -p1 -b .lucky13

for i in auth_srp_rsa.c auth_srp_sb64.c auth_srp_passwd.c auth_srp.c gnutls_srp.c ext_srp.c; do
    touch lib/$i
done

%build
%configure --with-included-opencdk --with-included-libtasn1 --with-included-libcfg --with-included-lzo --disable-srp-authentication
make

%install
rm -fr $RPM_BUILD_ROOT
%makeinstall
rm -f $RPM_BUILD_ROOT%{_bindir}/srptool
rm -f $RPM_BUILD_ROOT%{_bindir}/gnutls-srpcrypt
cp -f %{SOURCE1} $RPM_BUILD_ROOT%{_bindir}/libgnutls-config
cp -f %{SOURCE1} $RPM_BUILD_ROOT%{_bindir}/libgnutls-extra-config
rm -f $RPM_BUILD_ROOT%{_mandir}/man1/srptool.1
rm -f $RPM_BUILD_ROOT%{_mandir}/man3/*srp*
rm -f $RPM_BUILD_ROOT%{_infodir}/dir
rm -f $RPM_BUILD_ROOT%{_libdir}/*.la
%find_lang %{name}

%check
make check

%clean
rm -fr $RPM_BUILD_ROOT

%post -p /sbin/ldconfig

%postun -p /sbin/ldconfig

%post devel
if [ -f %{_infodir}/gnutls.info.gz ]; then
    /sbin/install-info %{_infodir}/gnutls.info.gz %{_infodir}/dir
fi

%preun devel
if [ $1 = 0 -a -f %{_infodir}/gnutls.info.gz ]; then
   /sbin/install-info --delete %{_infodir}/gnutls.info.gz %{_infodir}/dir
fi

%files -f %{name}.lang
%defattr(-,root,root)
%{_libdir}/*.so.*

%files devel
%defattr(-,root,root)
%{_bindir}/libgnutls*-config
%{_includedir}/*
%{_libdir}/*.a
%{_libdir}/*.so
%{_datadir}/aclocal/*
%{_libdir}/pkgconfig/*.pc
%{_mandir}/man3/*
%{_infodir}/gnutls*

%files utils
%defattr(-,root,root)
%{_bindir}/certtool
%{_bindir}/psktool
%{_bindir}/gnutls*
%{_mandir}/man1/*

%changelog
* Thu Feb 21 2013 Tomas Mraz <tmraz@redhat.com> 1.4.1-10.1
- fix CVE-2013-1619 - fix TLS-CBC timing attack (#908238)

* Wed Jun  6 2012 Tomas Mraz <tmraz@redhat.com> 1.4.1-10
- do not generate invalid certificate requests without challenge password
- store subject DN instead of issuer DN in the CA list

* Thu Mar 22 2012 Tomas Mraz <tmraz@redhat.com> 1.4.1-9
- fix CVE-2011-4128 - buffer overflow in gnutls_session_get_data() (#752308)
- fix CVE-2012-1569 - missing length check when decoding DER lengths (#804920)
- fix CVE-2012-1573 - security issue in packet parsing (#805432)

* Wed Feb  8 2012 Tomas Mraz <tmraz@redhat.com> 1.4.1-8
- fix multiple possible NULL dereferences and other problems
  that can potentially lead to segfault in the client

* Tue Mar  9 2010 Tomas Mraz <tmraz@redhat.com> 1.4.1-7
- fix safe renegotiation on SSL3 protocol

* Wed Mar  3 2010 Tomas Mraz <tmraz@redhat.com> 1.4.1-6
- implement safe renegotiation - CVE-2009-3555 (#533125)
- do not allow MD2 in certificate signatures by default - CVE-2009-2409
  (#510197)

* Fri Aug 14 2009 Tomas Mraz <tmraz@redhat.com> 1.4.1-5
- fix NUL characters in DN and SAN cert fields issue,
  make sure gnutls_x509_crt_check_hostname() fails when certificate
  has no CN or SAN CVE-2009-2730 (#516231)

* Tue Nov 11 2008 Tomas Mraz <tmraz@redhat.com> 1.4.1-4
- fix chain verification issue CVE-2008-4989 (#470079)

* Tue May 20 2008 Tomas Mraz <tmraz@redhat.com> 1.4.1-3
- fix three security issues in gnutls handshake - GNUTLS-SA-2008-1
  (#447461, #447462, #447463)

* Thu Sep 14 2006 Tomas Mraz <tmraz@redhat.com> 1.4.1-2
- detect forged signatures - CVE-2006-4790 (#206411), patch
  from upstream

* Tue Jul 18 2006 Tomas Mraz <tmraz@redhat.com> - 1.4.1-1
- upgrade to new upstream version, only minor changes

* Wed Jul 12 2006 Jesse Keating <jkeating@redhat.com> - 1.4.0-1.1
- rebuild

* Wed Jun 14 2006 Tomas Mraz <tmraz@redhat.com> - 1.4.0-1
- upgrade to new upstream version (#192070), rebuild
  of dependent packages required

* Tue May 16 2006 Tomas Mraz <tmraz@redhat.com> - 1.2.10-2
- added missing buildrequires

* Mon Feb 13 2006 Tomas Mraz <tmraz@redhat.com> - 1.2.10-1
- updated to new version (fixes CVE-2006-0645)

* Fri Feb 10 2006 Jesse Keating <jkeating@redhat.com> - 1.2.9-3.2
- bump again for double-long bug on ppc(64)

* Tue Feb 07 2006 Jesse Keating <jkeating@redhat.com> - 1.2.9-3.1
- rebuilt for new gcc4.1 snapshot and glibc changes

* Tue Jan  3 2006 Jesse Keating <jkeating@redhat.com> 1.2.9-3
- rebuilt

* Fri Dec  9 2005 Tomas Mraz <tmraz@redhat.com> 1.2.9-2
- replaced *-config scripts with calls to pkg-config to
  solve multilib conflicts

* Wed Nov 23 2005 Tomas Mraz <tmraz@redhat.com> 1.2.9-1
- upgrade to newest upstream
- removed .la files (#172635)

* Sun Aug  7 2005 Tomas Mraz <tmraz@redhat.com> 1.2.6-1
- upgrade to newest upstream (rebuild of dependencies necessary)

* Mon Jul  4 2005 Tomas Mraz <tmraz@redhat.com> 1.0.25-2
- split the command line tools to utils subpackage

* Sat Apr 30 2005 Tomas Mraz <tmraz@redhat.com> 1.0.25-1
- new upstream version fixes potential DOS attack

* Sat Apr 23 2005 Tomas Mraz <tmraz@redhat.com> 1.0.24-2
- readd the version script dropped by upstream

* Fri Apr 22 2005 Tomas Mraz <tmraz@redhat.com> 1.0.24-1
- update to the latest upstream version on the 1.0 branch

* Wed Mar  2 2005 Warren Togami <wtogami@redhat.com> 1.0.20-6
- gcc4 rebuild

* Tue Jan  4 2005 Ivana Varekova <varekova@redhat.com> 1.0.20-5
- add gnutls Requires zlib-devel (#144069)

* Mon Nov 08 2004 Colin Walters <walters@redhat.com> 1.0.20-4
- Make gnutls-devel Require libgcrypt-devel

* Tue Sep 21 2004 Jeff Johnson <jbj@redhat.com> 1.0.20-3
- rebuild with release++, otherwise unchanged.

* Tue Sep  7 2004 Jeff Johnson <jbj@redhat.com> 1.0.20-2
- patent tainted SRP code removed.

* Sun Sep  5 2004 Jeff Johnson <jbj@redhat.com> 1.0.20-1
- update to 1.0.20.
- add --with-included-opencdk --with-included-libtasn1
- add --with-included-libcfg --with-included-lzo
- add --disable-srp-authentication.
- do "make check" after build.

* Fri Mar 21 2003 Jeff Johnson <jbj@redhat.com> 0.9.2-1
- upgrade to 0.9.2

* Tue Jun 25 2002 Jeff Johnson <jbj@redhat.com> 0.4.4-1
- update to 0.4.4.

* Fri Jun 21 2002 Tim Powers <timp@redhat.com>
- automated rebuild

* Sat May 25 2002 Jeff Johnson <jbj@redhat.com> 0.4.3-1
- update to 0.4.3.

* Tue May 21 2002 Jeff Johnson <jbj@redhat.com> 0.4.2-1
- update to 0.4.2.
- change license to LGPL.
- include splint annotations patch.

* Tue Apr  2 2002 Nalin Dahyabhai <nalin@redhat.com> 0.4.0-1
- update to 0.4.0

* Thu Jan 17 2002 Nalin Dahyabhai <nalin@redhat.com> 0.3.2-1
- update to 0.3.2

* Wed Jan 10 2002 Nalin Dahyabhai <nalin@redhat.com> 0.3.0-1
- add a URL

* Wed Dec 20 2001 Nalin Dahyabhai <nalin@redhat.com>
- initial package

Perl :: Catalyst :: PostgreSQL :: RPM Valid HTML 4.01 Transitional