Commit Graph

191 Commits

Author SHA1 Message Date
Vijay Anusuri
6b6c774db8 libtasn1: upgrade 4.19.0 -> 4.20.0
* Noteworthy changes in release 4.20.0 (2025-02-01) [stable]
- The release tarball is now reproducible.
- We publish a minimal source-only tarball generated by 'git archive'.
- Update gnulib files and various build/maintenance fixes.
- Fix CVE-2024-12133: Potential DoS in handling of numerous SEQUENCE OF or SET
OF elements

License-Update: file COPYING.LESSER renamed to COPYING.LESSERv2 & Copyright year updated to 2025

(From OE-Core rev: 3a8633b9f522e0be31c08790a3f2050c6d052d93)

Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2025-03-06 11:16:46 +00:00
Peter Marko
a4d31bb032 gnutls: upgrade 3.8.8 -> 3.8.9
Solves CVE-2024-12243

Refreshed patches

License-Update: multiple changes
* a8727cdb07
  COPYING.LESSER updated wording to latest FSF version
* 75f5ea8073
  LICENSE file merged to README.md
  COPYING and COPYING.LESSERv2 moved to top-level directory

Release notes: https://gitlab.com/gnutls/gnutls/-/blob/3.8.9/NEWS?ref_type=tags

* Version 3.8.9 (released 2025-02-07)

** libgnutls: leancrypto was added as an interim option for PQC
   The library can now be built with leancrypto instead of liboqs for
   post-quantum cryptography (PQC), when configured with
   --with-leancrypto option instead of --with-liboqs.

** libgnutls: Experimental support for ML-DSA signature algorithm
   The library and certtool now support ML-DSA signature algorithm as
   defined in FIPS 204 and based on
   draft-ietf-lamps-dilithium-certificates-04. This feature is
   currently marked as experimental and can only be enabled when
   compiled with --with-leancrypto or --with-liboqs.
   Contributed by David Dudas.

** libgnutls: Support for ML-KEM-1024 key encapsulation mechanism
   The support for ML-KEM post-quantum key encapsulation mechanisms
   has been extended to cover ML-KEM-1024, in addition to ML-KEM-768.
   MLKEM1024 is only offered as SecP384r1MLKEM1024 hybrid as per
   draft-kwiatkowski-tls-ecdhe-mlkem-03.

** libgnutls: Fix potential DoS in handling certificates with numerous name
   constraints, as a follow-up of CVE-2024-12133 in libtasn1. The
   bundled copy of libtasn1 has also been updated to the latest 4.20.0
   release to complete the fix.  Reported by Bing Shi (#1553).
   [GNUTLS-SA-2025-02-07, CVSS: medium] [CVE-2024-12243]

** API and ABI modifications:
GNUTLS_PK_MLDSA44: New enum member of gnutls_pk_algorithm_t
GNUTLS_PK_MLDSA65: New enum member of gnutls_pk_algorithm_t
GNUTLS_PK_MLDSA87: New enum member of gnutls_pk_algorithm_t
GNUTLS_SIGN_MLDSA44: New enum member of gnutls_sign_algorithm_t
GNUTLS_SIGN_MLDSA65: New enum member of gnutls_sign_algorithm_t
GNUTLS_SIGN_MLDSA87: New enum member of gnutls_sign_algorithm_t

(From OE-Core rev: 4313d931673dd86aaf590c68f7b1fa364d752740)

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2025-02-18 22:53:45 +00:00
Richard Purdie
c2da016918 meta/meta-selftest: Fix variable assignment whitespace
Recipes are much more readable with whitespace around the assignment operators.
Fix various assignments in OE-Core to show this is definitely the preferred
formatting.

(From OE-Core rev: 30ea609d3357fb3de911f2f6a5e6856c151b976a)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2025-02-01 13:42:34 +00:00
Simone Weiß
e14835ce9d gnutls: Upgrade to 3.8.8
In 3.8.7 the linkage to compression libraries was changed to use a new
tool called dlwrap. This caused issues during the last upgrade but is resolved
now with the update to 3.8.8. Hence, remove the workarounds for the update.

Changes in 3.8.8 include:
* libgnutls:
   * Experimental support for X25519MLKEM768 and SecP256r1MLKEM768
     key exchange in TLS 1.3
   * All records included in an OCSP response are now checked in TLS
   * Handling of malformed compress_certificate extension is now more standard
     compliant
* More flexible library linking options for compression libraries, TPM, and
  liboqs support. The configure options, --with-zstd, --with-brotli, --with-zlib,
   --with-tpm2, and --with-liboqs now take 4 states:
   yes/link/dlopen/no, to specify how the libraries are linked or
   loaded.

Do not set a specific library linking option but use the default (yes).

(From OE-Core rev: 6620623ce280d20c2430ba87ba276a0490b05080)

Signed-off-by: Simone Weiß <simone.p.weiss@posteo.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2024-11-25 22:23:25 +00:00
Ross Burton
ce3415da91 gnutls: upgrade to 3.8.7.1
A notable change in 3.8.7 is that the linkage to compression libraries
was changed to use a new tool called dlwrap, so these libraries should
be loaded at runtime with dlopen() instead of dynamically linked at
build time.  However, the dlopen() detection fails in cross builds[1] and
it falls back to dynamic linking so this isn't an issue we need to deal
with at present.

Also note that whilst dlwrap is a tool written in rust that needs the
clang includes, it's a maintainer tool and the generated files are in
git, so we should never need to rerun it.

Backport a patch to fix AM_CONDITIONAL to resolve linkage problems.

The 3.8.7.1 tarball is actually just a rebuild of 3.8.7 with the
translations included (which were missing in 3.8.7), so set S explicitly
for this release.

[1] https://gitlab.com/gnutls/gnutls/-/issues/1583

(From OE-Core rev: d38f32f493192fa5965f7271ef6ba5aae33849f5)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2024-09-30 17:00:50 +01:00
Simone Weiß
c64e1b0dc5 gnutls: upgrade 3.8.5 -> 3.8.6
Changelog:
** libgnutls: PBMAC1 is now supported as a MAC mechanism for PKCS#12
   To be compliant with FIPS 140-3, PKCS#12 files with MAC based on
   PBKDF2 (PBMAC1) are now supported, according to the specification
   proposed in draft-ietf-lamps-pkcs12-pbmac1.

** libgnutls: SHA3 extendable output functions (XOF) are now supported
   SHA3 XOF, SHAKE128 and SHAKE256, are now usable through a new
   public API gnutls_hash_squeeze.

** API and ABI modifications:
gnutls_pkcs12_generate_mac3: New function
gnutls_pkcs12_flags_t: New enum
gnutls_hash_squeeze: New function

(From OE-Core rev: 61e7888c8e31ac2adee9eb75ee2393125ef9b433)

Signed-off-by: Simone Weiß <simone.p.weiss@posteo.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2024-07-21 11:08:11 +01:00
Simone Weiß
8c6f7838e0 gnutls: Fix failing ptests
When upgrading gnutls to the newest version 3.8.5, some ptests failed.
Backported a patch from upstream gnutls (not in any release yet) to
fix this issue.

(From OE-Core rev: 25135cd910e24117aa493abcb7f6aeee0b84ab82)

Signed-off-by: Simone Weiß <simone.p.weiss@posteo.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2024-04-23 13:40:24 +01:00
Wang Mingyu
77faeec0d3 gnutls: upgrade 3.8.4 -> 3.8.5
Add-ptest-support.patch
refreshed for 3.8.5

Changelog:
==========
* libgnutls: Due to majority of usages and implementations of
  RSA decryption with PKCS#1 v1.5 padding being incorrect,
  leaving them vulnerable to Marvin attack, the RSAES-PKCS1-v1_5
  is being deprecated (encryption and decryption) and will be
  disabled in the future.
* libgnutls: Added support for RIPEMD160 and PBES1-DES-SHA1 for
  backward compatibility with GCR.
* libgnutls: A couple of memory related issues have been fixed in RSA PKCS#1
  v1.5 decryption error handling and deterministic ECDSA with earlier
  versions of GMP.
* build: Fixed a bug where building gnutls statically failed due
  to a duplicate definition of nettle_rsa_compute_root_tr().

(From OE-Core rev: 594ef33f9d5bc6fba1c9b1393936f26920406826)

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2024-04-23 13:40:24 +01:00
Simone Weiß
1885588807 gnutls: upgrade 3.8.3 -> 3.8.4
- Upgrade gnutls SRCREV for new version
- Refresh patches for 3.8.4

Changelog:
==========

** libgnutls: RSA-OAEP encryption scheme is now supported
   To use it with an unrestricted RSA private key, one would need to
   initialize a gnutls_x509_spki_t object with necessary parameters
   for RSA-OAEP and attach it to the private key. It is also possible
   to import restricted private keys if they are stored in PKCS#8
   format.

** libgnutls: Fix side-channel in the deterministic ECDSA.
   Reported by George Pantelakis (#1516).
   [GNUTLS-SA-2023-12-04, CVSS: medium] [CVE-2024-28834]

** libgnutls: Fixed a bug where certtool crashed when verifying a certificate
   chain with more than 16 certificates. Reported by William Woodruff (#1525)
   and yixiangzhike (#1527).
   [GNUTLS-SA-2024-01-23, CVSS: medium] [CVE-2024-28835]

** libgnutls: Compression libraries are now loaded dynamically as needed
   instead of all being loaded during gnutls library initialization.
   As a result, the library initialization should be faster.

** build: The gnutls library can now be linked with the static library
   of GMP.  Note that in order for this to work libgmp.a needs to be
   compiled with -fPIC and libhogweed in Nettle also has to be linked
   to the static library of GMP.  This can be used to prevent custom
   memory allocators from being overridden by other applications.

** API and ABI modifications:
gnutls_x509_spki_get_rsa_oaep_params: New function.
gnutls_x509_spki_set_rsa_oaep_params: New function.
GNUTLS_PK_RSA_OAEP: New enum member of gnutls_pk_algorithm_t.

(From OE-Core rev: feaa2b8065c7a02b52aa55954f05a3ee66260305)

Signed-off-by: Simone Weiß <simone.p.weiss@posteo.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2024-04-04 14:05:03 +01:00
Simone Weiß
20b1e729e1 gnutls: print log if ptest fails
There are AB-INT issues with the gnutls tests and the test for naked-alerts is
failing. Tweak the run-ptest script to save the error log to obtain more info
for debugging. Related to [YOCTO #15352].

(From OE-Core rev: 9665d272df34bcb2811a2f7a1afccabe4bebc9d1)

Signed-off-by: Simone Weiß <simone.p.weiss@posteo.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2024-02-08 10:53:13 +00:00
Simone Weiß
d50c4a1e36 gnutls: Upgrade 3.8.2 -> 3.8.3
Upgrade version to address recent CVE findings.

Changelog
=========
** libgnutls: Fix more timing side-channel inside RSA-PSK key exchange
   [GNUTLS-SA-2024-01-14, CVSS: medium] [CVE-2024-0553]

** libgnutls: Fix assertion failure when verifying a certificate chain with a
   cycle of cross signatures
   [GNUTLS-SA-2024-01-09, CVSS: medium] [CVE-2024-0567]

** libgnutls: Fix regression in handling Ed25519 keys stored in PKCS#11 token
   certtool was unable to handle Ed25519 keys generated on PKCS#11
   with pkcs11-tool (OpenSC). This is a regression introduced in 3.8.2.

(From OE-Core rev: 705d2972b38efc9f331e3635c07ca92f8812b365)

Signed-off-by: Simone Weiß <simone.p.weiss@posteo.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2024-01-30 15:15:54 +00:00
Wang Mingyu
9a8af2a800 gnutls: upgrade 3.8.1 -> 3.8.2
Changelog:
============
** libgnutls: Fix timing side-channel inside RSA-PSK key exchange.
** libgnutls: Add API functions to perform ECDH and DH key agreement
** libgnutls: Added support for AES-GCM-SIV ciphers
** libgnutls: transparent KTLS support is extended to FreeBSD kernel
** gnutls-cli: New option --starttls-name

(From OE-Core rev: 3c01bb0be8ddafa0aa1ad996ec524b51fd28f512)

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-11-30 08:43:03 +00:00
Alexander Kanavin
ebb1b629d2 gnutls: update 3.8.0 -> 3.8.1
(From OE-Core rev: 5f08d833669e96df5236773ae5a70bfb22f90b6b)

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-09-07 14:36:30 +01:00
Ross Burton
04dd0ecc49 gnutls: remove use of argp-standalone for musl
This was made obsolete in 3.5.0 when crywrap was removed from the
GnuTLS source tree.

(From OE-Core rev: b49dc6f29533ab7debd299419c8b891e106f5d9d)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-05-22 10:53:48 +01:00
Ross Burton
04dc2e5311 gnutls: clean up ptest compilation
Don't always build the tests in do_compile, use do_compile_ptest so they
are only built when needed.

(From OE-Core rev: 5f4b10a3361e273d22bc880b4127eb53291be47d)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-05-22 10:53:48 +01:00
Ross Burton
d3455c6ff2 gnutls: use system libtasn1
Instead of using an internal ASN.1 parser, re-use libtasn1 from the
system by default.

(From OE-Core rev: db20ffc4ffb5e734258f0a9f9d1fb72d1f0df490)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-05-22 10:53:48 +01:00
Ross Burton
bc142cdcb0 gnutls: add PACKAGECONFIG options for certification compression
GnuTLS has optional support for certificate compression. These are not
widely enabled in other distributions and were previously disabled in
standard builds, so don't enable them by default.

(From OE-Core rev: d22a406e7ca3018e0d1c0a7b1b6254c2aba6faba)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-05-22 10:53:48 +01:00
Ross Burton
abdaeae74d gnutls: add PACKAGECONFIG for DANE
DANE (DNS-based Authentication of Named Entities) allows certificates to
be bound to DNS entries.

This requires unbound which is not part of oe-core.  Add a PACKAGECONFIG
but disable by default.

(From OE-Core rev: cfb328b2a7c35a8c1e0dd7cd8c7552a0837db206)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-05-22 10:53:48 +01:00
Richard Purdie
647b9ddb33 gnutls: Add missing python ptest dependency
Add dependency on python3 to fix execution in minimal images.

(From OE-Core rev: bf5b15a8b7a2b2276109efc8a6fe54788908ef0d)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-03-12 23:39:13 +00:00
leimaohui
d7b576cf6b gnutls: Updated the patch which fixes build error for fips enabled.
The context of lib/Makefile.am in gnutls_3.8.0 has changed when
updated from gnutls_3.7.8.

(From OE-Core rev: 7c00bf8e0a0f9c88de6cf782b7fa3db7872c4100)

Signed-off-by: Lei Maohui <leimaohui@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-03-01 21:29:31 +00:00
Alexander Kanavin
25f6d2bf18 gnutls: update 3.7.8 -> 3.8.0
Refresh patches.

guile option removed upstream.

License-update: formatting, urls
a39e528897

(From OE-Core rev: 016025f1c77b9ffc00213e6056c5134f353ff541)

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-02-20 15:18:30 +00:00
Ravineet Singh
a08c791bae gnutls: add ptest support
Add gnutls unit-tests into ptest. Only self-contained
tests (no external file system dependencies) are included.

Some tests have been put in a disallow list in the run-ptest;
these tests either require additional files (certificates) or
environment setup prior to being run, via wrapper shell script.
As autotools packages are built out-of-tree, it is cumbersome
to add additional files. With regards to tests requiring wrapper
scripts, it is possible to add logic to run these tests under
run-ptests but that will require more effort to maintain, hence
skipped.

Verified via:
$ runqemu qemux86-64 kvm nographic serial qemuparams='-m 4096 -smp 32'
root@qemux86-64:~# ptest-runner gnutls
START: ptest-runner
BEGIN: /usr/lib64/gnutls/ptest
PASS: aead-cipher-vec
PASS: alerts
PASS: anti_replay
...
gnutls test summary:
--------------------
total: 375
pass : 364
fail : 0
skip : 11

DURATION: 184
END: /usr/lib64/gnutls/ptest
2023-02-01T13:55
STOP: ptest-runner
TOTAL: 1 FAIL: 0

(From OE-Core rev: 6061df3084b991ba4a54a3dca5dadda97e2364ac)

Signed-off-by: Ravineet Singh <ravineet.a.singh@est.tech>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-02-02 09:51:00 +00:00
wangmy
b1064661ee gnutls: upgrade 3.7.7 -> 3.7.8
Changelog:
=========
** libgnutls: In FIPS140 mode, RSA signature verification is an approved
   operation if the key has modulus with known sizes (1024, 1280,
   1536, and 1792 bits), in addition to any modulus sizes larger than
   2048 bits, according to SP800-131A rev2.

** libgnutls: gnutls_session_channel_binding performs additional checks when
   GNUTLS_CB_TLS_EXPORTER is requested. According to RFC9622 4.2, the
   "tls-exporter" channel binding is only usable when the handshake is
   bound to a unique master secret (i.e., either TLS 1.3 or extended
   master secret extension is negotiated). Otherwise the function now
   returns error.

** libgnutls: usage of the following functions, which are designed to
   loosen restrictions imposed by allowlisting mode of configuration,
   has been additionally restricted. Invoking them is now only allowed
   if system-wide TLS priority string has not been initialized yet:
gnutls_digest_set_secure
gnutls_sign_set_secure
gnutls_sign_set_secure_for_certs
gnutls_protocol_set_enabled

(From OE-Core rev: 858886aa07d0c2c2ef2489996cc8eca5fbe931fa)

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-10-26 12:28:38 +01:00
Keiya Nobuta
5b62ac0a3c gnutls: Unified package names to lower-case
create-spdx can't detect the license properly if the case doesn't
match, so fix it.

(From OE-Core rev: 9c87828493784d996910d742006268a626ef0130)

Signed-off-by: Keiya Nobuta <nobuta.keiya@fujitsu.com>
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-10-25 13:42:03 +01:00
wangmy
c64d3ff826 libtasn1: upgrade 4.18.0 -> 4.19.0
Changelog:
===========
- Clarify libtasn1.map license.  Closes: #38.
- Fix ETYPE_OK out of bounds read.  Closes: #32.
- Update gnulib files and various maintenance fixes.

(From OE-Core rev: b8f2c6ec61ffcc607a35bd5c11f5020c9b676226)

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-09-01 10:14:01 +01:00
Alexander Kanavin
67af9fa940 gnutls: upgrade 3.7.6 -> 3.7.7
(From OE-Core rev: d70b29617789dcc7afe78e1d2d8b3f5122f6376f)

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-08-10 08:25:28 +01:00
Richard Purdie
cf5be85135 gnutls: upgrade 3.7.5 -> 3.7.6
(From OE-Core rev: d3123a419165fadba10febec0bcaf83269b4a5a3)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-06-04 11:28:23 +01:00
leimaohui
f548200d23 gnutls: Added fips option.
- Added a patch to avoid executing the fipshmac command, because the *.hmac
file should be created on target instead of in the build environment.
- Added pkg_postinst_ontarget to make sure necessary files are
created on target.

(From OE-Core rev: 1b5c620d10aa678871b6cea46e113c8fe3b79822)

Signed-off-by: Lei Maohui <leimaohui@fujitsu.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-05-27 23:50:47 +01:00
Alexander Kanavin
083da55197 gnutls: upgrade 3.7.4 -> 3.7.5
(From OE-Core rev: f1dc9311d4d10ca8a3b8ddfb8a79f335f01f5048)

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-05-20 22:52:22 +01:00
wangmy
2a56186fb0 gnutls: upgrade 3.7.3 -> 3.7.4
(From OE-Core rev: ae347dd574644a168e36cb42cf0560cd18cd636d)

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-03-23 12:13:50 +00:00
Richard Purdie
b0130fcf91 meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX license identifiers
An automated conversion using scripts/contrib/convert-spdx-licenses.py to
convert to use the standard SPDX license identifiers. Two recipes in meta-selftest
were not converted as they're that way specifically for testing. A change in
linux-firmware was also skipped and may need a more manual tweak.

(From OE-Core rev: ceda3238cdbf1beb216ae9ddb242470d5dfc25e0)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-02-20 16:45:25 +00:00
Alexander Kanavin
039aa6df4d gnutls: update 3.7.2 -> 3.7.3
Drop unsupported option.

(From OE-Core rev: 5a2d94e0df21992a30f95312da3bf8477f42785c)

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-02-01 07:31:18 +00:00
wangmy
3f4eaa3b05 libtasn1: upgrade 4.17.0 -> 4.18.0
* Noteworthy changes in release 4.18.0 (2021-11-09) [stable]
- Improve GTK-DOC manual.  Closes: #35.
- Improve --help and --version for tools with gnulib.  Closes: #37.
- Update gnulib files and various maintenance fixes.

refresh dont-depend-on-help2man.patch

(From OE-Core rev: 0d15632f3db787d3f08eb260732567e62f52ffb3)

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-11-16 22:20:33 +00:00
Richard Purdie
bb6ddc3691 Convert to new override syntax
This is the result of automated script conversion:

scripts/contrib/convert-overrides.py <oe-core directory>

converting the metadata to use ":" as the override character instead of "_".

(From OE-Core rev: 42344347be29f0997cc2f7636d9603b1fe1875ae)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-08-02 15:44:10 +01:00
wangmy
61f9f10dc5 gnutls: upgrade 3.7.1 -> 3.7.2
(From OE-Core rev: 3593a4c47d5e8faccb27c7cd975f18f90b9cd86f)

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-06-12 22:54:14 +01:00
wangmy
712f4403da libtasn1: upgrade 4.16.0 -> 4.17.0
file LICENSE renamed to COPYING.

(From OE-Core rev: 52e30a0344e727527cc3f498aa09bbbdfa1c2f47)

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-05-21 15:18:23 +01:00
Khem Raj
6db9f63412 gnutls: Point to staging area for finding seccomp libs and includes
This ensures that if libseccomp is installed on build host then it does
not resort to using it.

Fixes
checking for libseccomp... (cached) yes
checking how to link with libseccomp... /usr/lib/libseccomp.so

(From OE-Core rev: 3751ac58720a500e3b749b2296922d7c82db49a1)

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Cc: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-04-27 15:11:47 +01:00
Armin Kuster
65ecffc430 gnutls: Enable seccomp if FEATURE is set
(From OE-Core rev: f2527b5567252c7da4fbd863e119c8114e6debcd)

Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-04-26 14:14:42 +01:00
Wang Mingyu
8f84d0ac9d gnutls: upgrade 3.7.0 -> 3.7.1
(From OE-Core rev: 7123b17db594b13c52414cd20beceb2a54841c4e)

Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-03-31 00:06:23 +01:00
Meh Mbeh Ida Delphine
c8075ed8f1 recipes-support: Add missing HOMEPAGE and DESCRIPTION for recipes
Fixes: [YOCTO #13471]

(From OE-Core rev: 6db24928d62aeb093a0e6da6619713eaca57a96f)

Signed-off-by: Ida Delphine <idadelm@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-03-02 20:39:36 +00:00
Alexander Kanavin
9df2b1b5a9 gnutls: update 3.6.15 -> 3.7.0
(From OE-Core rev: 6c4b2dcf82378419efca587f033ecac08fbc3b00)

Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2020-12-31 11:53:26 +00:00
Martin Jansa
3e56ca6d0a gnutls: explicitly set --with-librt-prefix
* it will try to link with librt from host and if you have it on host (libc6-dev-i386 in ubuntu)
  it fails with:
  /usr/lib32/librt.so: error: undefined reference to '__clock_settime', version 'GLIBC_PRIVATE'
  /usr/lib32/librt.so: error: undefined reference to '__clock_getcpuclockid', version 'GLIBC_PRIVATE'
  /usr/lib32/librt.so: error: undefined reference to '__clock_getres', version 'GLIBC_PRIVATE'
  /usr/lib32/librt.so: error: undefined reference to '__clock_nanosleep', version 'GLIBC_PRIVATE'
  collect2: error: ld returned 1 exit status

  in older 3.6.14 it was using /usr/lib32/librt.so from host as well, but without do_compile
  failing

  configure:17539: checking for librt
  configure:17563: i686-oe-linux-gcc  -m32 -march=core2 -mtune=core2 -msse3 -mfpmath=sse -fstack-protector-strong  -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -Werror=return-type --sysroot=/tmpdir/work/qemux86-oe-linux/gnutls/3.6.14-r0/recipe-sysroot -o conftest  -O2 -pipe -g -feliminate-unused-debug-types -fmacro-prefix-map=/tmpdir/work/qemux86-oe-linux/gnutls/3.6.14-r0=/usr/src/debug/gnutls/3.6.14-r0                      -fdebug-prefix-map=/tmpdir/work/qemux86-oe-linux/gnutls/3.6.14-r0=/usr/src/debug/gnutls/3.6.14-r0                      -fdebug-prefix-map=/tmpdir/work/qemux86-oe-linux/gnutls/3.6.14-r0/recipe-sysroot=                      -fdebug-prefix-map=/tmpdir/work/qemux86-oe-linux/gnutls/3.6.14-r0/recipe-sysroot-native=    -Wl,-O1 -Wl,--hash-style=gnu -Wl,--as-needed -Wl,-z,relro,-z,now conftest.c /usr/lib32/librt.so  >&5
  configure:17563: $? = 0
  configure:17573: result: yes
  configure:17580: checking how to link with librt
  configure:17582: result: /usr/lib32/librt.so

  with --with-librt-prefix passed, it finds the right one as shown in build/config.log:

  configure:17551: checking for librt
  configure:17575: i686-oe-linux-gcc  -m32 -march=core2 -mtune=core2 -msse3 -mfpmath=sse -fstack-protector-strong  -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security -Werror=return-type --sysroot=/tmpdir/work/qemux86-oe-linux/gnutls/3.6.15-r0/recipe-sysroot -o conftest  -O2 -pipe -g -feliminate-unused-debug-types -fmacro-prefix-map=/tmpdir/work/qemux86-oe-linux/gnutls/3.6.15-r0=/usr/src/debug/gnutls/3.6.15-r0                      -fdebug-prefix-map=/tmpdir/work/qemux86-oe-linux/gnutls/3.6.15-r0=/usr/src/debug/gnutls/3.6.15-r0                      -fdebug-prefix-map=/tmpdir/work/qemux86-oe-linux/gnutls/3.6.15-r0/recipe-sysroot=                      -fdebug-prefix-map=/tmpdir/work/qemux86-oe-linux/gnutls/3.6.15-r0/recipe-sysroot-native=   -I/tmpdir/work/qemux86-oe-linux/gnutls/3.6.15-r0/recipe-sysroot/usr/include -Wl,-O1 -Wl,--hash-style=gnu -Wl,--as-needed -Wl,-z,relro,-z,now conftest.c /tmpdir/work/qemux86-oe-linux/gnutls/3.6.15-r0/recipe-sysroot/usr/lib/librt.so  >&5
  configure:17575: $? = 0
  configure:17585: result: yes
  configure:17592: checking how to link with librt
  configure:17594: result: /tmpdir/work/qemux86-oe-linux/gnutls/3.6.15-r0/recipe-sysroot/usr/lib/librt.so

(From OE-Core rev: d355cd38904460f3add2b0b9477e8ddfd42b22e1)

Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2020-11-02 11:35:10 +00:00
Alexander Kanavin
96dbd86d67 gnutls: update 3.16.4 -> 3.16.5
(From OE-Core rev: 2f38d5c97abbc84a55ad22dcd328f627380e79a8)

Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2020-10-30 13:22:49 +00:00
Zhixiong Chi
01e0c458ed gnutls: CVE-2020-24659
Backport the CVE patch from upstream:
https://gitlab.com/gnutls/gnutls.git
commit 29ee67c205855e848a0a26e6d0e4f65b6b943e0a

(From OE-Core rev: 84b1bc500e318657cb7a8a189b59cc63bc91dca3)

Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2020-09-08 16:43:40 +01:00
zhengruoqin
ca7423ec13 gnutls: Fix krb5 code license to GPLv2.1+ to match the LICENSE file.
This was discussed and accepted upstream by the project so their license is consistent.
Please refer to https://gitlab.com/gnutls/gnutls/-/issues/1018
and https://gitlab.com/gnutls/gnutls/-/merge_requests/1285.

(From OE-Core rev: 267d07301c79c24969c169add05284f612c41d77)

Signed-off-by: Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2020-07-12 12:21:48 +01:00
Alexander Kanavin
46d558a109 gnutls: upgrade 3.6.13 -> 3.6.14
(From OE-Core rev: cd88c81804a4a52b9875f2244c9f35911539be96)

Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2020-06-09 13:14:00 +01:00
Adrian Bunk
ddb312f1b9 libtasn1: Remove workaround for host gcc < 5
(From OE-Core rev: 2c037f830856018b212d532198ae17932b3521d1)

Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2020-05-14 14:15:11 +01:00
Wang Mingyu
edfb711a55 gnutls: upgrade 3.6.12 -> 3.6.13
(From OE-Core rev: 5cc0f0dcf1f41bc148b034b3f7abef756a328cd3)

Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2020-04-24 14:10:07 +01:00
Alexander Kanavin
743b43ec1d gnutls: upgrade 3.6.11.1 -> 3.6.12
(From OE-Core rev: 8652c95ceb505dd7386166842486c833ea5a7ee7)

Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2020-02-28 23:11:28 +00:00
Wang Mingyu
69ef4106e3 libtasn1: upgrade 4.15.0 -> 4.16.0
(From OE-Core rev: 320b62f12334684f1261b06e3e7bc8106e3b9490)

Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2020-02-14 13:07:23 +00:00