diff --git a/backport-fix-CVE-2024-28834-nettle-avoid-normalization-of-mpz_t-in-deterministic.patch b/backport-fix-CVE-2024-28834-nettle-avoid-normalization-of-mpz_t-in-deterministic.patch index 5895cfe35e541fc8a79f944d16dcb4dd64576a07..47010f16d2793a397c758552a6a8033c3d95ead0 100644 --- a/backport-fix-CVE-2024-28834-nettle-avoid-normalization-of-mpz_t-in-deterministic.patch +++ b/backport-fix-CVE-2024-28834-nettle-avoid-normalization-of-mpz_t-in-deterministic.patch @@ -22,10 +22,10 @@ Conflict: lib/nettle/pk.c, lib/nettle/int/dsa-compute-k.c | 82 ++++++++++++++++++++----------- lib/nettle/int/dsa-compute-k.h | 31 +++++++++--- lib/nettle/int/ecdsa-compute-k.c | 33 +++---------- - lib/nettle/int/ecdsa-compute-k.h | 1 + + lib/nettle/int/ecdsa-compute-k.h | 8 +-- lib/nettle/pk.c | 79 +++++++++++++++++++---------- tests/sign-verify-deterministic.c | 2 +- - 6 files changed, 138 insertions(+), 90 deletions(-) + 6 files changed, 138 insertions(+), 97 deletions(-) diff --git a/lib/nettle/int/dsa-compute-k.c b/lib/nettle/int/dsa-compute-k.c index 17d6331..649a194 100644 @@ -278,13 +278,20 @@ index 94914eb..d98f246 100644 - return ret; -} diff --git a/lib/nettle/int/ecdsa-compute-k.h b/lib/nettle/int/ecdsa-compute-k.h -index 7ca401d..593910a 100644 +index 7ca401d..a7e612b 100644 --- a/lib/nettle/int/ecdsa-compute-k.h +++ b/lib/nettle/int/ecdsa-compute-k.h -@@ -33,5 +33,6 @@ _gnutls_ecdsa_compute_k (mpz_t k, - gnutls_mac_algorithm_t mac, - const uint8_t *digest, - size_t length); +@@ -26,12 +26,6 @@ + #include + #include /* includes gmp.h */ + +-int +-_gnutls_ecdsa_compute_k (mpz_t k, +- gnutls_ecc_curve_t curve, +- const mpz_t x, +- gnutls_mac_algorithm_t mac, +- const uint8_t *digest, +- size_t length); +int _gnutls_ecc_curve_to_dsa_q(mpz_t q, gnutls_ecc_curve_t curve); #endif /* GNUTLS_LIB_NETTLE_INT_ECDSA_COMPUTE_K_H */ diff --git a/gnutls.spec b/gnutls.spec index bf3014d0763ba4827fc213cfba2a465d41d1f04e..ef9ed8cbfb8088e3ccfb82899eabc50e9a270b44 100644 --- a/gnutls.spec 
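Review bot: In the rewritten inner hunk for lib/nettle/int/ecdsa-compute-k.h, `_gnutls_ecc_curve_to_dsa_q` becomes the header's only declaration and has no comment stating its contract, and the `_gnutls_ecdsa_compute_k` prototype is dropped without this page showing that every caller was removed too. Because this backport carries the CVE-2024-28834 fix for deterministic (EC)DSA nonce computation, I would confirm that a search for `_gnutls_ecdsa_compute_k` over the patched tree returns nothing and that the package builds with `-Werror=implicit-function-declaration`, so a leftover call fails at compile time instead of passing with a warning. For the new prototype I would add a one-line comment such as `/* Sets q to the group order of curve (the DSA q); return convention to be confirmed against ecdsa-compute-k.c. */`. The ecdsa-compute-k.c part of the inner patch appears here only as its two trailing removed lines, so the removal of the old definition is inferred rather than shown.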
+++ b/gnutls.spec @@ -1,6 +1,6 @@ Name: gnutls Version: 3.6.14 -Release: 15 +Release: 16 Summary: The GNU Secure Communication Protocol Library License: LGPLv2.1+ and GPLv3+ @@ -229,6 +229,9 @@ make check %{?_smp_mflags} %endif %changelog +* Tue Mar 26 2024 xuraoqing - 3.6.14-16 +- update patch to remove function declare in header file + * Sat Mar 23 2024 xuraoqing - 3.6.14-15 - fix CVE-2024-28834