deleted file mode 100644

@@ -1,28 +0,0 @@

-From 964632f37dfdfb914ebc5e49db4fa29af35b1de9 Mon Sep 17 00:00:00 2001

-From: Nikos Mavrogiannopoulos <nmav@gnutls.org>

-Date: Sat, 27 Aug 2016 17:00:22 +0200

-Subject: [PATCH] ocsp: corrected the comparison of the serial size in OCSP response

-

-Previously the OCSP certificate check wouldn't verify the serial length

-and could succeed in cases it shouldn't.

-

-Reported by Stefan Buehler.

- lib/x509/ocsp.c | 1 +

- 1 file changed, 1 insertion(+)

-

-diff --git a/lib/x509/ocsp.c b/lib/x509/ocsp.c

-index 92db9b6..8181f2e 100644

-+++ b/lib/x509/ocsp.c

-@@ -1318,6 +1318,7 @@ gnutls_ocsp_resp_check_crt(gnutls_ocsp_resp_t resp,

- 		gnutls_assert();

- 		goto cleanup;

- 	}

-+	cserial.size = t;

- 

- 	if (rserial.size != cserial.size

- 	    || memcmp(cserial.data, rserial.data, rserial.size) != 0) {

-libgit2 0.25.0

-

deleted file mode 100644

@@ -1,53 +0,0 @@

-From 51464af713d71802e3c6d5ac15f1a95132a354fe Mon Sep 17 00:00:00 2001

-From: Nikos Mavrogiannopoulos <nmav@redhat.com>

-Date: Mon, 20 Feb 2017 11:13:08 +0100

-Subject: [PATCH] cdk_pkt_read: enforce packet limits

-

-That ensures that there are no overflows in the subsequent

-calculations.

-

-Resolves the oss-fuzz found bug:

-https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=420

-

-Relates: #159

-

-Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

- lib/opencdk/read-packet.c |  9 +++++++++

- 1 file changed, 9 insertions(+)

-

-diff --git a/lib/opencdk/read-packet.c b/lib/opencdk/read-packet.c

-index 8055a63..ead6480 100644

-+++ b/lib/opencdk/read-packet.c

-@@ -888,7 +888,7 @@ static void skip_packet(cdk_stream_t inp, size_t pktlen)

- 	assert(pktlen == 0);

- }

- 

--

-+#define MAX_PACKET_LEN (1<<24)

- /**

-  * cdk_pkt_read:

-  * @inp: the input stream

-@@ -940,6 +940,13 @@ cdk_error_t cdk_pkt_read(cdk_stream_t inp, cdk_packet_t pkt)

- 	else

- 		read_old_length(inp, ctb, &pktlen, &pktsize);

- 

-+	/* enforce limits to ensure that the following calculations

-+	 * do not overflow */

-+	if (pktlen >= MAX_PACKET_LEN || pktsize >= MAX_PACKET_LEN) {

-+		_cdk_log_info("cdk_pkt_read: too long packet\n");

-+		return gnutls_assert_val(CDK_Inv_Packet);

-+	}

-+

- 	pkt->pkttype = pkttype;

- 	pkt->pktlen = pktlen;

- 	pkt->pktsize = pktsize + pktlen;

-@@ -964,6 +971,7 @@ cdk_error_t cdk_pkt_read(cdk_stream_t inp, cdk_packet_t pkt)

- 		break;

- 

- 	case CDK_PKT_USER_ID:

-+

- 		pkt->pkt.user_id = cdk_calloc(1, sizeof *pkt->pkt.user_id

- 					      + pkt->pktlen + 1);

- 		if (!pkt->pkt.user_id)

@@ -1,14 +1,11 @@

 Summary:        The GnuTLS Transport Layer Security Library

 Name:           gnutls

-Version:        3.4.11

-Release:        4%{?dist}

+Version:        3.5.15

+Release:        1%{?dist}

 License:        GPLv3+ and LGPLv2+

 URL:            http://www.gnutls.org

-Source0:        http://ftp.heanet.ie/mirrors/ftp.gnupg.org/gcrypt/gnutls/v3.4/%{name}-%{version}.tar.xz

-%define sha1    gnutls=55f73d1ea2b3335fea514fad6faa1e72006ae9f9

-Patch0:         gnutls_3.4.11_default_priority.patch

-Patch1:         gnutls-CVE-2016-7444.patch

-Patch2:         gnutls-CVE-2017-7869.patch

+Source0:        http://ftp.heanet.ie/mirrors/ftp.gnupg.org/gcrypt/gnutls/v3.5/%{name}-%{version}.tar.xz

+%define sha1    gnutls=9b7466434332b92dc3ca704b9211370370814fac

 Group:          System Environment/Libraries

 Vendor:         VMware, Inc.

 Distribution:   Photon

@@ -38,15 +35,17 @@ developing applications that use gnutls.

 %prep

 %setup -q

-%patch0 -p1

-%patch1 -p1

-%patch2 -p1

 %build

+# check for trust store file presence

+[ -f %{_sysconfdir}/pki/tls/certs/ca-bundle.crt ] || exit 1

+

 ./configure \

     --prefix=%{_prefix} \

     --without-p11-kit \

     --disable-openssl-compatibility \

-    --with-system-priority-file=%{_sysconfdir}/gnutls/default-priorities

+    --with-included-unistring \

+    --with-system-priority-file=%{_sysconfdir}/gnutls/default-priorities \

+    --with-default-trust-store-file=%{_sysconfdir}/pki/tls/certs/ca-bundle.crt

 make %{?_smp_mflags}

 %install

 make DESTDIR=%{buildroot} install

@@ -69,12 +68,16 @@ make -k check |& tee %{_specdir}/%{name}-check-log || %{nocheck}

 %{_mandir}/man1/*

 %{_mandir}/man3/*

 %{_datadir}/locale/*

+%{_docdir}/gnutls/*.png

+

 %files devel

 %defattr(-,root,root)

 %{_includedir}/%{name}/*.h

 %{_libdir}/*.so

 %{_libdir}/pkgconfig/*.pc

 %changelog

+*   Tue Oct 17 2017 Xiaolin Li <xiaolinl@vmware.com> 3.5.15-1

+-   Update to 3.5.15. Fixes CVE-2017-7507

 *   Thu May 04 2017 Xiaolin Li <xiaolinl@vmware.com> 3.4.11-4

 -   Apply patch for CVE-2017-7869

 *   Tue Apr 25 2017 Xiaolin Li <xiaolinl@vmware.com> 3.4.11-3

deleted file mode 100644

@@ -1,32 +0,0 @@

-diff --git a/lib/gnutls_priority.c b/lib/gnutls_priority.c

-index 50d3d09..8c32d1c 100644

-+++ b/lib/gnutls_priority.c

-@@ -1066,6 +1066,8 @@ gnutls_priority_init(gnutls_priority_t * priority_cache,

- 	rmadd_func *fn;

- 	bulk_rmadd_func *bulk_fn;

- 	bulk_rmadd_func *bulk_given_fn;

-+	unsigned int default_set = 0;

-+

- 	const cipher_entry_st *centry;

- 

- 	if (err_pos)

-@@ -1084,10 +1086,16 @@ gnutls_priority_init(gnutls_priority_t * priority_cache,

- 	(*priority_cache)->sr = SR_PARTIAL;

- 	(*priority_cache)->min_record_version = 1;

- 

--	if (priorities == NULL)

--		priorities = "NORMAL";

-+	if (priorities == NULL) {

-+		priorities = "@SYSTEM";

-+		default_set = 1;

-+	}

- 

- 	darg = resolve_priorities(priorities);

-+	if (darg == NULL && default_set == 1) {

-+		priorities = "NORMAL";

-+		darg = resolve_priorities(priorities);

-+	}

- 	if (darg == NULL) {

- 		gnutls_assert();

- 		goto error;

deleted file mode 100644

@@ -1,22 +0,0 @@

-diff -rupr a/lib/decoding.c b/lib/decoding.c

-+++ b/lib/decoding.c	2016-11-30 14:23:11.096199084 -0800

-@@ -767,10 +767,17 @@ _asn1_extract_der_octet (asn1_node node,

-   DECR_LEN(der_len, len3);

- 

-   if (len2 == -1)

--    counter_end = der_len - 2;

-+    {

-+      if (der_len < 2)

-+        return ASN1_DER_ERROR;

-+      counter_end = der_len - 2;

-+    }

-   else

-     counter_end = der_len;

- 

-+  if (counter_end < counter)

-+    return ASN1_DER_ERROR;

-+

-   while (counter < counter_end)

-     {

-       DECR_LEN(der_len, 1);

new file mode 100644

@@ -0,0 +1,42 @@

+diff --git a/lib/parser_aux.c b/lib/parser_aux.c

+index 976ab38..786ea64 100644

+--- a/lib/parser_aux.c

+@@ -955,7 +955,7 @@ _asn1_check_identifier (asn1_node node)

+ 	  if (p2 == NULL)

+ 	    {

+ 	      if (p->value)

+-		_asn1_strcpy (_asn1_identifierMissing, p->value);

++		_asn1_str_cpy (_asn1_identifierMissing, sizeof(_asn1_identifierMissing), (char*)p->value);

+ 	      else

+ 		_asn1_strcpy (_asn1_identifierMissing, "(null)");

+ 	      return ASN1_IDENTIFIER_NOT_FOUND;

+@@ -968,9 +968,15 @@ _asn1_check_identifier (asn1_node node)

+ 	  if (p2 && (type_field (p2->type) == ASN1_ETYPE_DEFAULT))

+ 	    {

+ 	      _asn1_str_cpy (name2, sizeof (name2), node->name);

+-	      _asn1_str_cat (name2, sizeof (name2), ".");

+-	      _asn1_str_cat (name2, sizeof (name2), (char *) p2->value);

+-	      _asn1_strcpy (_asn1_identifierMissing, p2->value);

++	      if (p2->value)

++	        {

++	          _asn1_str_cat (name2, sizeof (name2), ".");

++	          _asn1_str_cat (name2, sizeof (name2), (char *) p2->value);

++	          _asn1_str_cpy (_asn1_identifierMissing, sizeof(_asn1_identifierMissing), (char*)p2->value);

++	        }

++	      else

++		_asn1_strcpy (_asn1_identifierMissing, "(null)");

++

+ 	      p2 = asn1_find_node (node, name2);

+ 	      if (!p2 || (type_field (p2->type) != ASN1_ETYPE_OBJECT_ID) ||

+ 		  !(p2->type & CONST_ASSIGN))

+@@ -990,7 +996,8 @@ _asn1_check_identifier (asn1_node node)

+ 		  _asn1_str_cpy (name2, sizeof (name2), node->name);

+ 		  _asn1_str_cat (name2, sizeof (name2), ".");

+ 		  _asn1_str_cat (name2, sizeof (name2), (char *) p2->value);

+-		  _asn1_strcpy (_asn1_identifierMissing, p2->value);

++		  _asn1_str_cpy (_asn1_identifierMissing, sizeof(_asn1_identifierMissing), (char*)p2->value);

++

+ 		  p2 = asn1_find_node (node, name2);

+ 		  if (!p2 || (type_field (p2->type) != ASN1_ETYPE_OBJECT_ID)

+ 		      || !(p2->type & CONST_ASSIGN))

@@ -1,25 +1,24 @@

-Summary:	ASN.1 library

-Name:		libtasn1

-Version:	4.7

-Release:	3%{?dist}

-License:	GPLv3+ and LGPLv2+

-URL:		http://www.gnu.org/software/libtasn1/

-Source0:	http://ftp.gnu.org/gnu/libtasn1/%{name}-%{version}.tar.gz

-%define sha1 libtasn1=1c2cf0b8c7954249cfd7842500fabe1c7fdcd5d5

-Group:		System Environment/Libraries

-Vendor:		VMware, Inc.

-Distribution:	Photon

-

-Patch0:         CVE-2016-4008.patch

+Summary:        ASN.1 library

+Name:           libtasn1

+Version:        4.12

+Release:        1%{?dist}

+License:        GPLv3+ and LGPLv2+

+URL:            http://www.gnu.org/software/libtasn1/

+Source0:        http://ftp.gnu.org/gnu/libtasn1/%{name}-%{version}.tar.gz

+%define sha1    libtasn1=f9a05b3b8acf319d89f07267407c03b184c4e3b0

+Group:          System Environment/Libraries

+Vendor:         VMware, Inc.

+Distribution:   Photon

+Patch0:         libtasn1-CVE-2017-10790.patch

 %description

 Libtasn1 library provides Abstract Syntax Notation One (ASN.1, as specified by the X.680 ITU-T recommendation) parsing and structures management, 

 and Distinguished Encoding Rules (DER, as per X.690) encoding and decoding functions.

 %package devel

-Summary:	Development libraries and header files for libtasn1

-Requires:	libtasn1

-Provides:	pkgconfig(libtasn1)

+Summary:    Development libraries and header files for libtasn1

+Requires:   libtasn1

+Provides:   pkgconfig(libtasn1)

 %description devel

 The package contains libraries and header files for

@@ -31,7 +30,7 @@ developing applications that use libtasn1.

 %build

 ./configure \

-	--prefix=%{_prefix}

+    --prefix=%{_prefix}

 make %{?_smp_mflags}

 %install

 make DESTDIR=%{buildroot} install

@@ -39,8 +38,8 @@ rm %{buildroot}%{_infodir}/*

 find %{buildroot}%{_libdir} -name '*.la' -delete

 %check

 make -k check |& tee %{_specdir}/%{name}-check-log || %{nocheck}

-%post	-p /sbin/ldconfig

-%postun	-p /sbin/ldconfig

+%post   -p /sbin/ldconfig

+%postun -p /sbin/ldconfig

 %files

 %defattr(-,root,root)

 %{_libdir}/*.so.*

@@ -54,16 +53,18 @@ make -k check |& tee %{_specdir}/%{name}-check-log || %{nocheck}

 %{_libdir}/pkgconfig/*.pc

 %{_libdir}/*.a

 %changelog

-*       Wed Nov 30 2016 Dheeraj Shetty <dheerajs@vmware.com> 4.7-3

--       Added patch for CVE-2016-4008

-*	Tue May 24 2016 Priyesh Padmavilasom <ppadmavilasom@vmware.com> 4.7-2

--	GA - Bump release of all rpms

-* 	Fri Jan 15 2016 Xiaolin Li <xiaolinl@vmware.com> 4.7-1

-- 	Updated to version 4.7

+*   Tue Oct 17 2017 Xiaolin Li <xiaolinl@vmware.com> 4.12-1

+-   Update to 4.12 and apply patch for CVE-2017-10790

+*   Wed Nov 30 2016 Dheeraj Shetty <dheerajs@vmware.com> 4.7-3

+-   Added patch for CVE-2016-4008

+*   Tue May 24 2016 Priyesh Padmavilasom <ppadmavilasom@vmware.com> 4.7-2

+-   GA - Bump release of all rpms

+*   Fri Jan 15 2016 Xiaolin Li <xiaolinl@vmware.com> 4.7-1

+-   Updated to version 4.7

 *   Mon Oct 12 2015 Xiaolin Li <xiaolinl@vmware.com> 4.5-3

 -   Moving static lib files to devel package.

 *   Fri Oct 9 2015 Xiaolin Li <xiaolinl@vmware.com> 4.5-2

 -   Removing la files from packages.

-*	Fri Jun 19 2015 Divya Thaluru <dthaluru@vmware.com> 4.5-1

--	Initial build. First version

+*   Fri Jun 19 2015 Divya Thaluru <dthaluru@vmware.com> 4.5-1

+-   Initial build. First version