Authentication-Results: name.execsw.org;
	dkim=pass (1024-bit key) header.d=netbsd.org header.i=@netbsd.org header.b=wU1HEC6Q;
	dkim=pass (1024-bit key) header.d=netbsd.org header.i=@netbsd.org header.b=ENGuWK27
Received: by mail.netbsd.org (Postfix, from userid 605)
	id 93D3D84DB2; Thu, 21 Mar 2024 06:08:40 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=netbsd.org;
	s=20240131; t=1711001320;
	bh=6BVN6cLb+M36TqLYXr8/JXy8f6xqNAfdQmzUGrYRPeY=;
	h=Date:From:Subject:To:Reply-To:List-Id:List-Unsubscribe;
	b=wU1HEC6QOWd+nEuSnXVlJcV/8XWPoR/qQLOicULe71l51RPwmW9RKRsZDLsxth6Y5
	 ZsA0od6sqTBzF845Pv3jO7X77yhc1g4GRsKea1MwhJom/6kAv+sQJfxqce0eyEnM4R
	 aCSmi3MWpszHiKBjuhH/peEEd6swpAaMgReEMnUM=
Received: from localhost (localhost [127.0.0.1])
	by mail.netbsd.org (Postfix) with ESMTP id 8431084D24
	for <pkgsrc-changes@NetBSD.org>; Thu, 21 Mar 2024 06:08:39 +0000 (UTC)
X-Virus-Scanned: amavisd-new at netbsd.org
Authentication-Results: mail.netbsd.org (amavisd-new);
	dkim=pass (1024-bit key) header.d=netbsd.org
Received: from mail.netbsd.org ([IPv6:::1])
	by localhost (mail.netbsd.org [IPv6:::1]) (amavisd-new, port 10025)
	with ESMTP id hMyGsgUQJdQl for <pkgsrc-changes@netbsd.org>;
	Thu, 21 Mar 2024 06:08:38 +0000 (UTC)
Received: from cvs.NetBSD.org (ivanova.NetBSD.org [IPv6:2001:470:a085:999:28c:faff:fe03:5984])
	by mail.netbsd.org (Postfix) with ESMTP id CFDF084CD5
	for <pkgsrc-changes@NetBSD.org>; Thu, 21 Mar 2024 06:08:38 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=netbsd.org;
	s=20240131; t=1711001318;
	bh=6BVN6cLb+M36TqLYXr8/JXy8f6xqNAfdQmzUGrYRPeY=;
	h=Date:From:Subject:To:Reply-To;
	b=ENGuWK27tDQPHdirWJ098bTzmziYp5KK7W9VeWjBSoO1oMssHrKaeqjHI68+qG6fy
	 S4p/6o9btpB6mrYbOsHEeVXEWF1aIcxvD2NzbXCXtIwvPJX7RJ89Z9Nsg/6SUZuQRj
	 y9kwfXgKNpLnSqm2+QS+fyPKoJo8gJxA9yRc4SIs=
Received: by cvs.NetBSD.org (Postfix, from userid 500)
	id C726BFA2C; Thu, 21 Mar 2024 06:08:38 +0000 (UTC)
Content-Transfer-Encoding: 7bit
Content-Type: multipart/mixed; boundary="_----------=_1711001318168990"
MIME-Version: 1.0
Date: Thu, 21 Mar 2024 06:08:38 +0000
From: "Adam Ciarcinski" <adam@netbsd.org>
Subject: CVS commit: pkgsrc/security/gnutls
To: pkgsrc-changes@NetBSD.org
Reply-To: adam@netbsd.org
X-Mailer: log_accum
Message-Id: <20240321060838.C726BFA2C@cvs.NetBSD.org>
Sender: pkgsrc-changes-owner@NetBSD.org
List-Id: <pkgsrc-changes.NetBSD.org>
Precedence: bulk
List-Unsubscribe: <mailto:majordomo@NetBSD.org?subject=Unsubscribe%20pkgsrc-changes&body=unsubscribe%20pkgsrc-changes>

This is a multi-part message in MIME format.

--_----------=_1711001318168990
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset="US-ASCII"

Module Name:	pkgsrc
Committed By:	adam
Date:		Thu Mar 21 06:08:38 UTC 2024

Modified Files:
	pkgsrc/security/gnutls: Makefile PLIST distinfo

Log Message:
gnutls: updated to 3.8.4

Version 3.8.4 (released 2024-03-18)

** libgnutls: RSA-OAEP encryption scheme is now supported
   To use it with an unrestricted RSA private key, one would need to
   initialize a gnutls_x509_spki_t object with necessary parameters
   for RSA-OAEP and attach it to the private key. It is also possible
   to import restricted private keys if they are stored in PKCS#8
   format.

** libgnutls: Fix side-channel in the deterministic ECDSA.
   [GNUTLS-SA-2023-12-04, CVSS: medium] [CVE-2024-28834]

** libgnutls: Fixed a bug where certtool crashed when verifying a certificate
   chain with more than 16 certificates.
   [GNUTLS-SA-2024-01-23, CVSS: medium] [CVE-2024-28835]

** libgnutls: Compression libraries are now loaded dynamically as needed
   instead of all being loaded during gnutls library initialization.
   As a result, the library initialization should be faster.

** build: The gnutls library can now be linked with the static library
   of GMP.  Note that in order for this to work libgmp.a needs to be
   compiled with -fPIC and libhogweed in Nettle also has to be linked
   to the static library of GMP.  This can be used to prevent custom
   memory allocators from being overriden by other applications.


To generate a diff of this commit:
cvs rdiff -u -r1.246 -r1.247 pkgsrc/security/gnutls/Makefile
cvs rdiff -u -r1.80 -r1.81 pkgsrc/security/gnutls/PLIST
cvs rdiff -u -r1.160 -r1.161 pkgsrc/security/gnutls/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


--_----------=_1711001318168990
Content-Disposition: inline
Content-Length: 2552
Content-Transfer-Encoding: binary
Content-Type: text/x-diff; charset=us-ascii

Modified files:

Index: pkgsrc/security/gnutls/Makefile
diff -u pkgsrc/security/gnutls/Makefile:1.246 pkgsrc/security/gnutls/Makefile:1.247
--- pkgsrc/security/gnutls/Makefile:1.246	Wed Jan 17 20:23:05 2024
+++ pkgsrc/security/gnutls/Makefile	Thu Mar 21 06:08:38 2024
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.246 2024/01/17 20:23:05 adam Exp $
+# $NetBSD: Makefile,v 1.247 2024/03/21 06:08:38 adam Exp $
 
-DISTNAME=	gnutls-3.8.3
+DISTNAME=	gnutls-3.8.4
 CATEGORIES=	security devel
 MASTER_SITES=	https://www.gnupg.org/ftp/gcrypt/gnutls/v${PKGVERSION_NOREV:R}/
 EXTRACT_SUFX=	.tar.xz

Index: pkgsrc/security/gnutls/PLIST
diff -u pkgsrc/security/gnutls/PLIST:1.80 pkgsrc/security/gnutls/PLIST:1.81
--- pkgsrc/security/gnutls/PLIST:1.80	Thu Nov 16 12:31:11 2023
+++ pkgsrc/security/gnutls/PLIST	Thu Mar 21 06:08:38 2024
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.80 2023/11/16 12:31:11 adam Exp $
+@comment $NetBSD: PLIST,v 1.81 2024/03/21 06:08:38 adam Exp $
 bin/certtool
 bin/gnutls-cli
 bin/gnutls-cli-debug
@@ -1208,8 +1208,10 @@ man/man3/gnutls_x509_rdn_get2.3
 man/man3/gnutls_x509_rdn_get_by_oid.3
 man/man3/gnutls_x509_rdn_get_oid.3
 man/man3/gnutls_x509_spki_deinit.3
+man/man3/gnutls_x509_spki_get_rsa_oaep_params.3
 man/man3/gnutls_x509_spki_get_rsa_pss_params.3
 man/man3/gnutls_x509_spki_init.3
+man/man3/gnutls_x509_spki_set_rsa_oaep_params.3
 man/man3/gnutls_x509_spki_set_rsa_pss_params.3
 man/man3/gnutls_x509_tlsfeatures_add.3
 man/man3/gnutls_x509_tlsfeatures_check_crt.3

Index: pkgsrc/security/gnutls/distinfo
diff -u pkgsrc/security/gnutls/distinfo:1.160 pkgsrc/security/gnutls/distinfo:1.161
--- pkgsrc/security/gnutls/distinfo:1.160	Wed Jan 17 20:23:05 2024
+++ pkgsrc/security/gnutls/distinfo	Thu Mar 21 06:08:38 2024
@@ -1,6 +1,6 @@
-$NetBSD: distinfo,v 1.160 2024/01/17 20:23:05 adam Exp $
+$NetBSD: distinfo,v 1.161 2024/03/21 06:08:38 adam Exp $
 
-BLAKE2s (gnutls-3.8.3.tar.xz) = bd0ccb51008095555b5a93c53cbf30e51df5a61ed4b14c81e9952b608458b1ae
-SHA512 (gnutls-3.8.3.tar.xz) = 74eddba01ce4c2ffdca781c85db3bb52c85f1db3c09813ee2b8ceea0608f92ca3912fd9266f55deb36a8ba4d01802895ca5d5d219e7d9caec45e1a8534e45a84
-Size (gnutls-3.8.3.tar.xz) = 6463720 bytes
+BLAKE2s (gnutls-3.8.4.tar.xz) = b6849ece462ad2ee2331760ff5743ee9dabb40dcb133ca0a7e3615f28bf0048f
+SHA512 (gnutls-3.8.4.tar.xz) = af748610392b7eec8a6294d28d088f323450207cdcda1aa2138a0fd71023994c662f7aff72b2b3cd888e7b770750611981c2cde5f2ddc45f852fc0034cdebaff
+Size (gnutls-3.8.4.tar.xz) = 6487520 bytes
 SHA1 (patch-configure) = 866d8a365b8338348230e47518788f494279b139


--_----------=_1711001318168990--