Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
---|---|---|---|---|---|---|
14_version_gettextcat.diff | Version filename of locale data (gnutls30.mo instead of gnutls.mo). This is necessary to make e.g. libgnutls26 and libgnutls28 co-installable. | Andreas Metzler <ametzler@debian.org> | no | | | 2020-09-06 |
30_guile-snarf.diff | Work around guile-snarf hardcoding the at-build default compiler which breaks when it changes on Debian. | Andreas Metzler <ametzler@debian.org> | no | debian | vendor | 2014-08-24 |
40_srptest_doubletimeout.diff | Increase timeout for srp test, fixing build error on mipsel | Andreas Metzler <ametzler@debian.org> | yes | upstream | vendor | 2022-04-13 |
50_Fix-removal-of-duplicate-certs-during-verification.patch | [PATCH] Fix removal of duplicate certs during verification | Zoltan Fridrich <zfridric@redhat.com> | no | | | 2022-10-17 |
51_add-gnulib-linkedhash-list-module.diff | Result of rebootstrapping with linkedhash-list module. Needed for 50_Fix-removal-of-duplicate-certs-during-verification.patch. Add linkedhash-list to gnulib_modules= in bootstrap.conf and run ./bootstrap | Andreas Metzler <ametzler@debian.org> | not-needed | | vendor | 2022-10-31 |
53-fips-fix-checking-on-hash-algorithm-used-in-ECDSA.patch | [PATCH 08/29] fips: fix checking on hash algorithm used in ECDSA Previously we checked against the "preferred" hash algorithm based on the curve, instead of the one actually used. | Daiki Ueno <ueno@gnu.org> | no | | | 2022-09-20 |
54-fips-mark-composite-signature-API-not-approved.patch | [PATCH 09/29] fips: mark composite signature API not-approved This makes the FIPS service indicator to transit to not-approved when gnutls_privkey_sign_hash* is used. In FIPS, single-shot API (gnutls_privkey_sign_data*) is preferred over composite API. | Daiki Ueno <ueno@gnu.org> | no | | | 2022-09-29 |
60-auth-rsa_psk-side-step-potential-side-channel.patch | [PATCH 11/29] auth/rsa_psk: side-step potential side-channel This removes branching that depends on secret data, porting changes for regular RSA key exchange from 4804febddc2ed958e5ae774de2a8f85edeeff538 and 80a6ce8ddb02477cd724cd5b2944791aaddb702a. This also removes the allow_wrong_pms as it was used solely to control debug output depending on the branching. | Daiki Ueno <ueno@gnu.org> | no | | | 2023-10-23 |
61-x509-detect-loop-in-certificate-chain.patch | [PATCH 12/29] x509: detect loop in certificate chain There can be a loop in a certificate chain, when multiple CA certificates are cross-signed with each other, such as A → B, B → C, and C → A. Previously, the verification logic was not capable of handling this scenario while sorting the certificates in the chain in _gnutls_sort_clist, resulting in an assertion failure. This patch properly detects such loop and aborts further processing in a graceful manner. | Daiki Ueno <ueno@gnu.org> | no | | | 2024-01-11 |
62-rsa-psk-minimize-branching-after-decryption.patch | [PATCH 13/29] rsa-psk: minimize branching after decryption This moves any non-trivial code between gnutls_privkey_decrypt_data2 and the function return in _gnutls_proc_rsa_psk_client_kx up until the decryption. This also avoids an extra memcpy to session->key.key. | Daiki Ueno <ueno@gnu.org> | no | | | 2024-01-10 |
63_01-gnutls_x509_trust_list_verify_crt2-remove-length-lim.patch | [PATCH 1/5] gnutls_x509_trust_list_verify_crt2: remove length limit of input Previously, if cert_list_size exceeded DEFAULT_MAX_VERIFY_DEPTH, the chain verification logic crashed with assertion failure. This patch removes the restriction while keeping the maximum number of retrieved certificates being DEFAULT_MAX_VERIFY_DEPTH. | Daiki Ueno <ueno@gnu.org> | no | | | 2024-01-29 |
63_02-nettle-avoid-normalization-of-mpz_t-in-deterministic.patch | [PATCH 2/5] nettle: avoid normalization of mpz_t in deterministic ECDSA This removes function calls that potentially leak bit-length of a private key used to calculate a nonce in deterministic ECDSA. Namely: - _gnutls_dsa_compute_k has been rewritten to work on always zero-padded mp_limb_t arrays instead of mpz_t - rnd_mpz_func has been replaced with rnd_datum_func, which is backed by a byte array instead of an mpz_t value | Daiki Ueno <ueno@gnu.org> | no | | | 2024-01-12 |
63_03-serv-fix-memleak-when-a-connected-client-disappears.patch | [PATCH 3/5] serv: fix memleak when a connected client disappears Reported by Hubert Kario. | Daiki Ueno <ueno@gnu.org> | no | | | 2024-01-27 |
63_04-lib-fix-a-segfault-in-_gnutls13_recv_end_of_early_da.patch | [PATCH 4/5] lib: fix a segfault in _gnutls13_recv_end_of_early_data A crash occurs in my app that uses gnutls13 early data, stack trace: #0 free (libc.so.6 + 0x97bf0) #1 _gnutls_buffer_clear (libgnutls.so.30 + 0x77c8c) #2 _gnutls13_recv_end_of_early_data (libgnutls.so.30 + 0xaf308) #3 _gnutls13_handshake_server (libgnutls.so.30 + 0x42d6c) #4 handshake_server (libgnutls.so.30 + 0x4ff6c) The root cause is that _gnutls_buffer_clear() was trying to free 'buf' that is not initialized or set if GNUTLS_NO_END_OF_EARLY_DATA flag is set on server side. This patch fixes it by simply initializing buf at the beginning of _gnutls13_recv_end_of_early_data(). | Xin Long <lucien.xin@gmail.com> | no | | | 2024-02-01 |
63_05-lib-fix-a-potential-segfault-in-_gnutls13_recv_finis.patch | [PATCH 5/5] lib: fix a potential segfault in _gnutls13_recv_finished In _gnutls13_recv_finished(), 'buf' is not initialized or set when _gnutls13_compute_finished() returns an err, and goto cleanup may cause a segfault crash as it frees the uninitialized buf.allocd in _gnutls_buffer_clear(). So fix it by returning if _gnutls13_compute_finished() returns an err in _gnutls13_recv_finished(). | Xin Long <lucien.xin@gmail.com> | no | | | 2024-02-01 |