GNUTLS - Version 2.12.23 CVE-2014-0092 (PATCH!)

Discussions Regarding Software

Moderator: Moderators

Post Reply
winrar
Baby Hen
Posts: 3
Joined: Thu Mar 06, 2014 1:52

GNUTLS - Version 2.12.23 CVE-2014-0092 (PATCH!)

Post by winrar » Thu Mar 06, 2014 2:10

Hello All,

After the recent light, I decided to patch my GNUTLS. I presume everyone has the same version, unless a you're on a nightly build and they fixed it already... if not:

Code: Select all

sudo equo install pkg-config
cd ~/Downloads/
wget ftp://ftp.gnutls.org/gcrypt/gnutls/v2.12/gnutls-2.12.23.tar.bz2
tar -xvf gnutls-2.12.23.tar.bz2
cd ~/Downloads/gnutls-2.12.23/lib/x509
cp verify.c verify.OLD
wget https://www.gitorious.org/gnutls/gnutls/commit/6aa26f78150ccbdf0aec1878a41c17c41d358a3b.diff -O verify.patch
patch verify.c < verify.patch
cd ~/Downloads/gnutls-2.12.23
./configure --prefix=/usr
sudo make
sudo make install
And... You should be done like dinner. :D

Same old disclaimer, it might break something, it might not. I used the patch that the Author wrote, so if it does break, blame him!!!

Cheers!

Cb7
Growing Hen
Posts: 104
Joined: Sun Apr 07, 2013 7:13

Re: GNUTLS - Version 2.12.23 CVE-2014-0092 (PATCH!)

Post by Cb7 » Mon Mar 10, 2014 18:45

Sorrry, but I kinda can't get out of impression, that you just have wasted your time.

I do not know about sabayon-weekly repo, but for sabayonlinux.org there was quick update to net-libs/gnutls package in the middle of the week.

My guess is that if you weren't so quick to just do it by yourself, you would have noticed that.. or maybe not.
Why, and how to add "[Solved]" to your post. Please read. ← credits to Fitzcarraldo

Kind regards
~Zetok Zalbavar

Post Reply