| Commit message (Collapse) | Author | Age |
| |
|
|\
| |
| | |
gnutls: 3.6.9 -> 3.6.10
|
| |
| |
| |
| |
| |
| |
| | |
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/gnutls/versions
|
|/
|
|
| |
See https://gitlab.com/gnutls/gnutls/issues/764 for more info.
|
|
|
|
| |
https://gitlab.com/gnutls/gnutls/blob/gnutls_3_6_9/NEWS
|
|
|
|
|
| |
No security fixes announced.
https://lists.gnupg.org/pipermail/gnutls-help/2019-May/004527.html
|
|
|
|
|
|
| |
It's one of the places that would reach out to /etc/ otherwise,
so I expect we have to pay this price to get the effect.
Hopefully there won't be too many places to patch.
|
|
|
|
| |
The patch should work fine, regardless of the Darwin patch being applied.
|
|
|
|
|
|
|
|
| |
Nix packages are expected to honor NIX_SSL_CERT_FILE and this removes the
dependency on the framework while bootstrapping the stdenv.
(+ nitpick changes from vcunat)
The patch is based on https://gitlab.com/gnutls/gnutls/commit/c0eb46d3463cd21b3f822ac377ff37f067f66b8d
|
|
|
|
|
| |
https://lists.gnupg.org/pipermail/gnutls-help/2019-March/004497.html
Close #58437.
|
| |
|
| |
|
|
|
|
|
|
| |
"bug fix release on the stable branch"
https://lists.gnupg.org/pipermail/gnutls-help/2019-January/004484.html
|
|\ |
|
| |
| |
| |
| |
| |
| | |
He prefers to contribute to his own nixpkgs fork triton.
Since he is still marked as maintainer in many packages
this leaves the wrong impression he still maintains those.
|
|/
|
|
|
|
| |
No security problems have been published about 3.6.x so far,
but I'd certainly count the almost-transparent TLS 1.3 support
as a security improvement.
|
|
|
|
|
|
|
|
|
|
|
| |
HTTP -> HTTPS for :
- http://gnu.org/
- http://www.gnu.org/
- http://elpa.gnu.org/
- http://lists.gnu.org/
- http://gcc.gnu.org/
- http://ftp.gnu.org/ (except in fetchurl mirrors)
- http://bugs.gnu.org/
|
| |
|
| |
|
|\ |
|
| | |
|
|/ |
|
|
|
|
|
|
|
| |
The p11-kit-trust test looks in /usr/lib for pkcs11 modules. As a
result it is unnecessarily skipped on sandboxed builds, and fails on
unsandboxed builds with a system p11-kit. Replace hard-coded /usr/lib
paths with pkg-config.
|
|\ |
|
| |
| |
| |
| | |
ftp.gnutls.org stopped working with curl; it's not clear yet why.
|
| |
| |
| |
| |
| | |
If you have fixed-output derivation with correct hash but bad builder
on Hydra, it seems really difficult to restart it with a good builder.
|
| |
| |
| |
| |
| |
| | |
I'm sorry about that; I forgot 3.5 in there.
Still, I don't know why their ftp won't work well with curl;
wget is perfectly OK.
|
|/
|
|
| |
No breaking changes expected, as the ABI is still 3.4.0.
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
| |
Unbound is used for DANE support but this requires the unbound trust
anchor in /etc/unbound/root.key which we don't create in any NixOS
module.
|
| |
|
|
|
|
|
| |
It contains a fix for DOS possibility in servers.
http://gnutls.org/security.html#GNUTLS-SA-2017-4
|
| |
|
|
|
|
| |
This contains a revert of d6454e6a1.
|
| |
|
| |
|
|
|
|
| |
http://gnutls.org/security.html#GNUTLS-SA-2017-3
|
|
|
|
| |
I didn't intend this substitution to be conditional; I looked wrong.
|
|
|
|
|
| |
This fixes systemd build. Also put it into the generic expression,
as there's only one version in nixpkgs ATM.
|
|
|
|
|
|
| |
3.4 branch detects support for getrandom() call during configure-time,
which gets picked up since glibc-2.25, and consequently it will fail
with older kernels during rutime.
|
|
|
|
| |
Bugfix release.
|
|
|
|
| |
(incl. a nitpick change from vcunat)
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes the following security issues:
* CVE-2017-5334
* CVE-2017-5335
* CVE-2017-5336
* CVE-2017-5337
See https://www.gnutls.org/news.html#2017-01-09 for more information.
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes the following security issues:
* CVE-2017-5334
* CVE-2017-5335
* CVE-2017-5336
* CVE-2017-5337
See https://www.gnutls.org/news.html#2017-01-09 for more information.
|
| |
|