gnutls 3.4.14-3

git-svn-id: http://trac.vinelinux.org/repos/projects/specs@10871 ec354946-7b23-47d6-9f5a-488ba84defc7

g/gnutls/gnutls-vl.spec

@@ -4,7 +4,7 @@ Summary:	GNU TLS Library
 Summary(ja):	GNU TLS ライブラリ
 Name:		gnutls
 Version:	3.4.14
-Release:	2%{?_dist_release}
+Release:	3%{?_dist_release}
 License:	GPLv3+ and LGPLv2+
 # The libgnutls library is LGPLv2+, utilities and remaining libraries are GPLv3+
 Group:		System Environment/Libraries
@@ -22,6 +22,9 @@ Patch3: gnutls-3.1.11-nosrp.patch
 # Security fixes
 # CVE-2016-7444/GNUTLS-SA-2016-3
 Patch2001: https://gitlab.com/gnutls/gnutls/commit/964632f37dfdfb914ebc5e49db4fa29af35b1de9.patch
+# from Fedora
+# CVE-2017-5337, CVE-2017-5334, CVE-2017-5336, CVE-2017-5335
+Patch3001: gnutls-3.4.17-various-flaws1.patch
 
 BuildRoot:	%{_tmppath}/%{name}-%{version}-root
 BuildRequires:	libtasn1-devel >= 4.3
@@ -156,6 +159,7 @@ This package contains Guile bindings for the library.
 %patch1 -p1 -b .rpath
 %patch3 -p1 -b .nosrp
 %patch2001 -p1
+%patch3001 -p1
 
 %build
 export LDFLAGS="-Wl,--no-add-needed"
@@ -289,6 +293,10 @@ fi
 %endif
 
 %changelog
+* Sat Jan 28 2017 IWAI, Masaharu <iwaim.sub@gmail.com> 3.4.14-3
+- fix CVE-2017-5337, CVE-2017-5334, CVE-2017-5336, CVE-2017-5335
+ - add Patch3001 from Fedora 24 gnutls-3.4.17-2.fc24
+
 * Thu Jan 12 2017 IWAI, Masaharu <iwaim.sub@gmail.com> 3.4.14-2
 - fix CVE-2016-7444; OCSP validation issue
  - add Patch2001