openwrt-mirror/packages
1
0
Fork 0
mirror of https://github.com/openwrt/packages.git synced 2025-12-22 03:54:34 +04:00
Code Issues Packages Projects Releases Wiki Activity
34,589 Commits 12 Branches 1 Tag
d6a08b5ff1cb69bca0564d347cfde41c855efeda
Commit Graph

3 Commits

Author SHA1 Message Date
Pascal Ernster
7699915b87 gnutls: Update to version 3.8.9 
All patches refreshed.

Verbatim copy from upstream's NEWS file:

* Version 3.8.9 (released 2025-02-07)

** libgnutls: leancrypto was added as an interim option for PQC
   The library can now be built with leancrypto instead of liboqs for
   post-quantum cryptography (PQC), when configured with
   --with-leancrypto option instead of --with-liboqs.

** libgnutls: Experimental support for ML-DSA signature algorithm
   The library and certtool now support ML-DSA signature algorithm as
   defined in FIPS 204 and based on
   draft-ietf-lamps-dilithium-certificates-04. This feature is
   currently marked as experimental and can only be enabled when
   compiled with --with-leancrypto or --with-liboqs.
   Contributed by David Dudas.

** libgnutls: Support for ML-KEM-1024 key encapsulation mechanism
   The support for ML-KEM post-quantum key encapsulation mechanisms
   has been extended to cover ML-KEM-1024, in addition to ML-KEM-768.
   MLKEM1024 is only offered as SecP384r1MLKEM1024 hybrid as per
   draft-kwiatkowski-tls-ecdhe-mlkem-03.

** libgnutls: Fix potential DoS in handling certificates with numerous name
   constraints, as a follow-up of CVE-2024-12133 in libtasn1. The
   bundled copy of libtasn1 has also been updated to the latest 4.20.0
   release to complete the fix.  Reported by Bing Shi (#1553).
   [GNUTLS-SA-2025-02-07, CVSS: medium] [CVE-2024-12243]

** API and ABI modifications:
GNUTLS_PK_MLDSA44: New enum member of gnutls_pk_algorithm_t
GNUTLS_PK_MLDSA65: New enum member of gnutls_pk_algorithm_t
GNUTLS_PK_MLDSA87: New enum member of gnutls_pk_algorithm_t
GNUTLS_SIGN_MLDSA44: New enum member of gnutls_sign_algorithm_t
GNUTLS_SIGN_MLDSA65: New enum member of gnutls_sign_algorithm_t
GNUTLS_SIGN_MLDSA87: New enum member of gnutls_sign_algorithm_t

* Version 3.8.8 (released 2024-11-05)

** libgnutls: Experimental support for X25519MLKEM768 and SecP256r1MLKEM768 key exchange in TLS 1.3
   The support for post-quantum key exchanges has been extended to
   cover the final standard of ML-KEM, following
   draft-kwiatkowski-tls-ecdhe-mlkem. The minimum supported version of
   liboqs is bumped to 0.11.0.

** libgnutls: All records included in an OCSP response are now checked in TLS
   Previously, when multiple records are provided in a single OCSP
   response, only the first record was considered; now all those
   records are examined until the server certificate matches.

** libgnutls: Handling of malformed compress_certificate extension is now more standard compliant
   The server behavior of receiving a malformed compress_certificate
   extension now more strictly follows RFC 8879; return
   illegal_parameter alert instead of bad_certificate, as well as
   overlong extension data is properly rejected.

** build: More flexible library linking options for compression libraries, TPM, and liboqs support
   The configure options, --with-zstd, --with-brotli, --with-zlib,
   --with-tpm2, and --with-liboqs now take 4 states:
   yes/link/dlopen/no, to specify how the libraries are linked or
   loaded.

** API and ABI modifications:
No changes since last version.

* Version 3.8.7 (released 2024-08-15)

** libgnutls: New configure option to compile out DSA support
   The --disable-dsa configure option has been added to completely disable DSA
   algorithm support.

** libgnutls: Experimental support for X25519Kyber768Draft00 key exchange in TLS
   For testing purposes, the hybrid post-quantum key exchange defined
   in draft-tls-westerbaan-xyber768d00 has been implemented using
   liboqs. Since the algorithm is still not finalized, the support of
   this key exchange is disabled by default and can be enabled with
   the --with-liboqs configure option.

** API and ABI modifications:
GNUTLS_PK_MLKEM768: New enum member of gnutls_pk_algorithm_t

* Version 3.8.6 (released 2024-07-03)

** libgnutls: PBMAC1 is now supported as a MAC mechanism for PKCS#12
   To be compliant with FIPS 140-3, PKCS#12 files with MAC based on
   PBKDF2 (PBMAC1) is now supported, according to the specification
   proposed in draft-ietf-lamps-pkcs12-pbmac1.

** libgnutls: SHA3 extendable output functions (XOF) are now supported
   SHA3 XOF, SHAKE128 and SHAKE256, are now usable through a new
   public API gnutls_hash_squeeze.

** API and ABI modifications:
gnutls_pkcs12_generate_mac3: New function
gnutls_pkcs12_flags_t: New enum
gnutls_hash_squeeze: New function

Compile tested: x86/64, QEMU Standard PC (Q35 + ICH9, 2009), r29064-696ad7b1aa09
Compile tested: ath79/generic, TP-Link Archer C7 v4, r29064-696ad7b1aa09
Compile tested: realtek/rtl838x, Netgear GS108T v3, r29064-696ad7b1aa09
Run tested: x86/64, QEMU Standard PC (Q35 + ICH9, 2009), r29064-696ad7b1aa09, booted and used for 7h without issues
Run tested: ath79/generic, TP-Link Archer C7 v4, r29064-696ad7b1aa09, booted and used for 7h without issues
Run tested: realtek/rtl838x, Netgear GS108T v3, r29064-696ad7b1aa09, booted and used for 7h without issues

Signed-off-by: Pascal Ernster <git@hardfalcon.net>
 2025-03-23 09:24:45 +02:00
Pascal Ernster
46e7a3c342 gnutls: Update to version 3.8.5 
All patches automatically refreshed.

The most important changes are two "medium" CVEs fixed in GnuTLS 3.8.4:

- CVE-2024-28834 / GNUTLS-SA-2023-12-04
  A vulnerability was found that the deterministic ECDSA code leaks
  bit-length of random nonce which allows for full recovery of the
  private key used after observing a few hundreds to a few thousands of
  signatures on known messages, due to the application of lattice
  techniques.
  The issue was reported in the issue tracker as [#1516](https://gitlab.com/gnutls/gnutls/-/issues/1516).
- CVE-2024-28835 / GNUTLS-SA-2024-01-23
  When validating a certificate chain with more then 16 certificates
  GnuTLS applications crash with an assertion failure.
  The issue was reported in the issue tracker as [#1527](https://gitlab.com/gnutls/gnutls/-/issues/1527) and [#1525](https://gitlab.com/gnutls/gnutls/-/issues/1525).

Augmented copy/extract from upstream's NEWS file since GnuTLS 3.8.3:

- Version 3.8.5 (released 2024-04-04)
  - libgnutls: Due to majority of usages and implementations of
    RSA decryption with PKCS#1 v1.5 padding being incorrect,
    leaving them vulnerable to Marvin attack, the RSAES-PKCS1-v1_5
    is being deprecated (encryption and decryption) and will be
    disabled in the future. A new option `allow-rsa-pkcs1-encrypt`
    has been added into the system-wide library configuration which
    allows to enable/disable the RSAES-PKCS1-v1_5. Currently, the
    RSAES-PKCS1-v1_5 is enabled by default.
  - libgnutls: Added support for RIPEMD160 and PBES1-DES-SHA1 for
    backward compatibility with GCR.
  - libgnutls: A couple of memory related issues have been fixed in RSA PKCS#1
    v1.5 decryption error handling and deterministic ECDSA with earlier
    versions of GMP.  These were a regression introduced in the 3.8.4
    release. See [#1535](https://gitlab.com/gnutls/gnutls/-/issues/1535) and [!1827](https://gitlab.com/gnutls/gnutls/-/merge_requests/1827).
  - build: Fixed a bug where building gnutls statically failed due
    to a duplicate definition of `nettle_rsa_compute_root_tr()`.
  - API and ABI modifications:
    - `GNUTLS_PKCS_PBES1_DES_SHA1`: New enum member of `gnutls_pkcs_encrypt_flags_t`.
- Version 3.8.4 (released 2024-03-18)
  - libgnutls: RSA-OAEP encryption scheme is now supported
    To use it with an unrestricted RSA private key, one would need to
    initialize a `gnutls_x509_spki_t` object with necessary parameters
    for RSA-OAEP and attach it to the private key. It is also possible
    to import restricted private keys if they are stored in PKCS#8
    format.
  - libgnutls: Fix side-channel in the deterministic ECDSA.
    Reported by George Pantelakis ([#1516](https://gitlab.com/gnutls/gnutls/-/issues/1516)).
    [GNUTLS-SA-2023-12-04, CVSS: medium] [CVE-2024-28834]
  - libgnutls: Fixed a bug where certtool crashed when verifying a certificate
    chain with more than 16 certificates. Reported by William Woodruff ([#1525](https://gitlab.com/gnutls/gnutls/-/issues/1525))
    and yixiangzhike ([#1527](https://gitlab.com/gnutls/gnutls/-/issues/1527)).
    [GNUTLS-SA-2024-01-23, CVSS: medium] [CVE-2024-28835]
  - libgnutls: Compression libraries are now loaded dynamically as needed
    instead of all being loaded during gnutls library initialization.
    As a result, the library initialization should be faster.
  - build: The gnutls library can now be linked with the static library
    of GMP.  Note that in order for this to work libgmp.a needs to be
    compiled with -fPIC and libhogweed in Nettle also has to be linked
    to the static library of GMP.  This can be used to prevent custom
    memory allocators from being overriden by other applications.
  - API and ABI modifications:
    - `gnutls_x509_spki_get_rsa_oaep_params`: New function.
    - `gnutls_x509_spki_set_rsa_oaep_params`: New function.
    - `GNUTLS_PK_RSA_OAEP`: New enum member of `gnutls_pk_algorithm_t`.

Signed-off-by: Pascal Ernster <git@hardfalcon.net>
 2024-05-02 20:20:29 +08:00
Sebastian Kemper
7310e7fc99 gnutls: load libunistring-optional gnulib module 
Since a few days staging_dir/host/share/aclocal/ contains new m4 files
(libunistring-base.m4, libunistring-optional.m4, libunistring.m4 etc.)
that get applied during autoreconf. This changes the libunistring setup
enough that we run into problem (builds fail).

Load the libunistring-optional gnulib module in configure.ac to be able
to add/use the new configure switch "--with-included-libunistring".

This is at most a workaround. This should be followed up with gnutls
upstream to clean this up.

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
 2023-05-13 20:59:08 +02:00