From 3c0ee622a86780f4d4dd46b0500f44a85c461247a71687b60405ea7d26e124e9 Mon Sep 17 00:00:00 2001 From: Stephan Kulow Date: Fri, 2 Dec 2011 15:25:49 +0000 Subject: [PATCH] Accepting request 94864 from Base:System Fix licenses (forwarded request 94646 from vuntz) OBS-URL: https://build.opensuse.org/request/show/94864 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/gnutls?expand=0&rev=40 --- CVE-2011-4128.patch | 20 ++++++++++++++++++++ gnutls.changes | 18 ++++++++++++++++++ gnutls.spec | 25 ++++++++++++------------- 3 files changed, 50 insertions(+), 13 deletions(-) create mode 100644 CVE-2011-4128.patch
diff --git a/CVE-2011-4128.patch b/CVE-2011-4128.patch
new file mode 100644
index 0000000..c745664
--- /dev/null
+++ b/CVE-2011-4128.patch
@@ -0,0 +1,20 @@
+Index: gnutls-3.0.3/lib/gnutls_session.c
+===================================================================
+--- gnutls-3.0.3.orig/lib/gnutls_session.c
++++ gnutls-3.0.3/lib/gnutls_session.c
+@@ -63,13 +63,14 @@ gnutls_session_get_data (gnutls_session_
+ gnutls_assert ();
+ return ret;
+ }
+- *session_data_size = psession.size;
+
+ if (psession.size > *session_data_size)
+ {
++ *session_data_size = psession.size;
+ ret = GNUTLS_E_SHORT_MEMORY_BUFFER;
+ goto error;
+ }
++ *session_data_size = psession.size;
+
+ if (session_data != NULL)
+ memcpy (session_data, psession.data, psession.size);
diff --git a/gnutls.changes b/gnutls.changes
index 54c194c..642a3f6 100644
--- a/gnutls.changes
+++ b/gnutls.changes
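Review bot: In CVE-2011-4128.patch the comparison `psession.size > *session_data_size` now runs before the `session_data != NULL` test, so a caller that passes a NULL buffer only to learn the required size gets `GNUTLS_E_SHORT_MEMORY_BUFFER` unless the value it left in `*session_data_size` is already large enough. That makes `*session_data_size` a true in/out parameter which the caller must initialise to its buffer capacity, and this contract is what keeps the `memcpy` from writing past the caller's buffer. I would state it directly above the check, e.g. `/* *session_data_size is in/out: caller's capacity on entry, packed size on return (also on GNUTLS_E_SHORT_MEMORY_BUFFER) */`. The body of gnutls_session_get_data starts and ends outside the hunk, so the `error:` path and any cleanup of `psession` cannot be checked from here.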
@@ -1,3 +1,21 @@ +------------------------------------------------------------------- +Wed Nov 30 12:43:57 UTC 2011 - vuntz@opensuse.org + +- Fix licenses (bnc#733661): the applications as well as + gnutls-extra and gnutls-openssl libraries are under GPL-3.0+ + while the library is LGPL-3.0+. + +------------------------------------------------------------------- +Wed Nov 30 09:57:27 UTC 2011 - coolo@suse.com + +- add automake as buildrequire to avoid implicit dependency + +------------------------------------------------------------------- +Mon Nov 14 07:29:29 UTC 2011 - gjhe@suse.com + +- fix #Bug 729486 - gnutls: buffer overflow + CVE-2011-4128 + ------------------------------------------------------------------- Mon Oct 17 13:21:57 UTC 2011 - vuntz@opensuse.org diff --git a/gnutls.spec b/gnutls.spec index cba9bb6..a48c534 100644 --- a/gnutls.spec +++ b/gnutls.spec @@ -24,7 +24,7 @@ Name: gnutls Version: 3.0.3 Release: 1 -License: LGPLv3+ +License: LGPL-3.0+ ; GPL-3.0+ Summary: The GNU Transport Layer Security Library Url: http://www.gnutls.org/ Group: Productivity/Networking/Security @@ -34,6 +34,8 @@ Source1: baselibs.conf Patch0: gnutls-fix-compression.patch # PATCH-FIX-UPSTREAM gnutls-fix-crash-on-strcat.patch bnc#724421 vuntz@opensuse.org -- Fix a crash because of badly used strcat, sent upstream by mail on 2011-10-17 Patch1: gnutls-fix-crash-on-strcat.patch +Patch2: CVE-2011-4128.patch +BuildRequires: automake BuildRequires: gcc-c++ BuildRequires: libnettle-devel >= 2.2 BuildRequires: p11-kit-devel @@ -54,8 +56,7 @@ layer over a reliable transport layer. Currently the GnuTLS library implements the proposed standards of the IETF's TLS working group. %package -n libgnutls%{gnutls_sover} - -License: LGPLv2.1+ +License: LGPL-3.0+ Summary: The GNU Transport Layer Security Library Group: Productivity/Networking/Security 
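Review bot: `Patch2: CVE-2011-4128.patch` in the `@@ -34,6 +34,8 @@` hunk of gnutls.spec has no provenance comment, unlike `Patch1` directly above it, which carries a `# PATCH-FIX-UPSTREAM ... bnc#...` line. For a security fix this matters more than usual, because the patch file itself only has an `Index:` header and nothing in the package records where the change came from or when it can be dropped. Assuming it was taken from upstream, I would add a tag line above it in the same format, e.g. `# PATCH-FIX-UPSTREAM CVE-2011-4128.patch bnc#729486 -- check caller's buffer size before copying session data`, with the upstream commit reference filled in by whoever imported the patch.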
@@ -65,8 +66,7 @@ layer over a reliable transport layer. Currently the GnuTLS library implements the proposed standards of the IETF's TLS working group. %package -n libgnutlsxx%{gnutlsxx_sover} - -License: LGPLv2.1+ +License: LGPL-3.0+ Summary: The GNU Transport Layer Security Library Group: Productivity/Networking/Security @@ -77,8 +77,7 @@ implements the proposed standards of the IETF's TLS working group. %package -n libgnutls-extra%{gnutls_extra_sover} - -License: GPLv3+ +License: GPL-3.0+ Summary: The GNU Transport Layer Security Library Group: Productivity/Networking/Security @@ -89,8 +88,7 @@ implements the proposed standards of the IETF's TLS working group. %package -n libgnutls-openssl%{gnutls_ossl_sover} - -License: GPLv3+ +License: GPL-3.0+ Summary: The GNU Transport Layer Security Library Group: Productivity/Networking/Security @@ -101,7 +99,7 @@ implements the proposed standards of the IETF's TLS working group. %package -n libgnutls-devel -License: LGPLv2.1+ +License: LGPL-3.0+ Summary: Development package for gnutls Group: Development/Libraries/C and C++ PreReq: %install_info_prereq @@ -112,7 +110,7 @@ Requires: libgnutls%{gnutls_sover} = %{version} Files needed for software development using gnutls. %package -n libgnutlsxx-devel -License: LGPLv2.1+ +License: LGPL-3.0+ Summary: Development package for gnutls Group: Development/Libraries/C and C++ PreReq: %install_info_prereq @@ -125,7 +123,7 @@ Files needed for software development using gnutls. %package -n libgnutls-openssl-devel -License: LGPLv2.1+ +License: GPL-3.0+ Summary: Development package for gnutls Group: Development/Libraries/C and C++ Requires: libgnutls-openssl%{gnutls_ossl_sover} = %{version} @@ -136,7 +134,7 @@ Files needed for software development using gnutls. %package -n libgnutls-extra-devel -License: GPLv3+ +License: GPL-3.0+ Summary: The GNU Transport Layer Security Library Group: Development/Libraries/C and C++ Requires: libgnutls-devel = %{version} 
@@ -159,6 +157,7 @@ implements the proposed standards of the IETF's TLS working group. %setup -q %patch0 -p1 %patch1 -p1 +%patch2 -p1 %build %configure \