community/mbedtls: security upgrade to 2.7.5 (CVE-2018-0497,CVE-2018-0498)

fixes #9239

3 files changed, 5 insertions, 41 deletions

diff --git a/community/mbedtls/APKBUILD b/community/mbedtls/APKBUILD
index baf9936f12..b56af113f2 100644
--- a/community/mbedtls/APKBUILD
+++ b/community/mbedtls/APKBUILD
@@ -1,7 +1,7 @@
 # Contributor: Łukasz Jendrysik <scadu@yandex.com>
 # Maintainer: Natanael Copa <ncopa@alpinelinux.org>
 pkgname=mbedtls
-pkgver=2.7.0
+pkgver=2.7.5
 pkgrel=0
 pkgdesc="Light-weight cryptographic and SSL/TLS library"
 url="https://tls.mbed.org/"
@@ -10,7 +10,6 @@ license="GPL-2.0-or-later Apache-2.0"
 makedepends="cmake perl"
 subpackages="$pkgname-static $pkgname-dev $pkgname-utils"
 source="$pkgname-$pkgver.tar.gz::https://github.com/ARMmbed/$pkgname/archive/$pkgname-$pkgver.tar.gz
-	dhm-Fix-typo-in-RFC-5114-constants.patch
 	"
 builddir="$srcdir/$pkgname-$pkgname-$pkgver"
 
@@ -23,6 +22,9 @@ builddir="$srcdir/$pkgname-$pkgname-$pkgver"
 #     - CVE-2017-18187
 #     - CVE-2018-0487
 #     - CVE-2018-0488
+#   2.7.5-r0:
+#     - CVE-2018-0497
+#     - CVE-2018-0498
 
 prepare() {
 	default_prepare
@@ -70,5 +72,4 @@ static() {
 	chmod -x "$subpkgdir"/usr/lib/*.a
 }
 
-sha512sums="411ec25d2cd51abbbfa2312195c4e65aa578855f6f909b8668375e6f5ce5401a00153cb4790328daaf85cd2d0ce647dbcc9fa556331e2d14709ba64aff883867  mbedtls-2.7.0.tar.gz
-cc8c012a32a97f3c516d84c17df1911628178ffce7c6efc829258a7bad10951949c04ab770d88883a84a566fbe40de1cd60bfdfa986be813f5dbe883b601b042  dhm-Fix-typo-in-RFC-5114-constants.patch"
+sha512sums="fb1925d59ce8a532791ba73e67e7af334f25bd0a5d8031e9269bf104b3e03153f6b7f3496727d3735a1263e56b4e01403bfa541161d8e918a45312e069bc14e9  mbedtls-2.7.5.tar.gz"
diff --git a/community/mbedtls/dhm-Fix-typo-in-RFC-5114-constants.patch b/community/mbedtls/dhm-Fix-typo-in-RFC-5114-constants.patch
deleted file mode 100644
index be994df9f1..0000000000
--- a/community/mbedtls/dhm-Fix-typo-in-RFC-5114-constants.patch
+++ /dev/null
@@ -1,26 +0,0 @@
-From 129f50838bf14f4e1319f06f41c827fae9cc4b73 Mon Sep 17 00:00:00 2001
-From: Jaeden Amero <jaeden.amero@arm.com>
-Date: Thu, 8 Feb 2018 14:25:36 +0000
-Subject: [PATCH] dhm: Fix typo in RFC 5114 constants
-
-We accidentally named the constant MBEDTLS_DHM_RFC5114_MODP_P instead of
-MBEDTLS_DHM_RFC5114_MODP_2048_P.
-
-Fixes #1358
----
- include/mbedtls/dhm.h | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/include/mbedtls/dhm.h b/include/mbedtls/dhm.h
-index da2e66b111..00fafd8d16 100644
---- a/include/mbedtls/dhm.h
-+++ b/include/mbedtls/dhm.h
-@@ -372,7 +372,7 @@ MBEDTLS_DEPRECATED typedef char const * mbedtls_deprecated_constant_t;
-  * in <em>RFC-5114: Additional Diffie-Hellman Groups for Use with
-  * IETF Standards</em>.
-  */
--#define MBEDTLS_DHM_RFC5114_MODP_P                              \
-+#define MBEDTLS_DHM_RFC5114_MODP_2048_P                         \
-     MBEDTLS_DEPRECATED_STRING_CONSTANT(                         \
-         "AD107E1E9123A9D0D660FAA79559C51FA20D64E5683B9FD1"      \
-         "B54B1597B61D0A75E6FA141DF95A56DBAF9A3C407BA1DF15"      \
diff --git a/community/mbedtls/verbose-testsuite.patch b/community/mbedtls/verbose-testsuite.patch
deleted file mode 100644
index e039c27ca1..0000000000
--- a/community/mbedtls/verbose-testsuite.patch
+++ /dev/null
@@ -1,11 +0,0 @@
---- mbedtls-2.4.0/tests/CMakeLists.txt.orig
-+++ mbedtls-2.4.0/tests/CMakeLists.txt
-@@ -31,7 +31,7 @@
-     include_directories(${CMAKE_CURRENT_SOURCE_DIR})
-     add_executable(test_suite_${data_name} test_suite_${data_name}.c)
-     target_link_libraries(test_suite_${data_name} ${libs})
--    add_test(${data_name}-suite test_suite_${data_name})
-+    add_test(${data_name}-suite test_suite_${data_name} --verbose)
- endfunction(add_test_suite)
- 
- if(CMAKE_COMPILER_IS_GNUCC OR CMAKE_COMPILER_IS_CLANG)