zhangyiss/spack
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

mbedtls: add v2.28.9, v3.6.2 (fix CVEs) (#46637)

Browse Source 
* mbedtls: add v2.28.9, v3.6.1 (fix CVEs)
* mbedtls: add v3.6.2
This commit is contained in:
Wouter Deconinck 2024-11-10 17:09:06 -06:00 committed by GitHub
parent 913dcd97bc
commit f5b8b0ac5d
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 12 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
var/spack/repos/builtin/packages/mbedtls/package.py
View File

@ -18,13 +18,18 @@ class Mbedtls(MakefilePackage):
maintainers("haampie")
license("Apache-2.0 OR GPL-2.0-or-later")
license("Apache-2.0 OR GPL-2.0-or-later", checked_by="wdconinc")
# version 3.x
version("3.6.2", sha256="8b54fb9bcf4d5a7078028e0520acddefb7900b3e66fec7f7175bb5b7d85ccdca")
with default_args(deprecated=True):
# https://nvd.nist.gov/vuln/detail/CVE-2024-45159
version("3.6.1", sha256="fc8bef0991b43629b7e5319de6f34f13359011105e08e3e16eed3a9fe6ffd3a3")
version("3.6.0", sha256="3ecf94fcfdaacafb757786a01b7538a61750ebd85c4b024f56ff8ba1490fcd38")
version("3.3.0", sha256="a22ff38512697b9cd8472faa2ea2d35e320657f6d268def3a64765548b81c3ec")
# version 2.x
version("2.28.9", sha256="e85ea97aaf78dd6c0a5ba2e54dd5932ffa15f39abfc189c26beef7684630c02b")
version("2.28.8", sha256="241c68402cef653e586be3ce28d57da24598eb0df13fcdea9d99bfce58717132")
version("2.28.2", sha256="1db6d4196178fa9f8264bef5940611cd9febcd5d54ec05f52f1e8400f792b5a4")
version("2.7.19", sha256="3da12b1cebe1a25da8365d5349f67db514aefcaa75e26082d7cb2fa3ce9608aa")
@ -79,7 +84,10 @@ class Mbedtls(MakefilePackage):
def url_for_version(self, version):
if self.spec.satisfies("@:2.28.7,3:3.5"):
return f"https://github.com/Mbed-TLS/mbedtls/archive/refs/tags/v{version}.tar.gz"
if self.spec.satisfies("@2.28.8,3.6.0"):
return f"https://github.com/Mbed-TLS/mbedtls/releases/download/v{version}/mbedtls-{version}.tar.bz2"
# release tags for @2.28.9:2,3.6.1:
return f"https://github.com/Mbed-TLS/mbedtls/releases/download/mbedtls-{version}/mbedtls-{version}.tar.bz2"
def flag_handler(self, name, flags):
# Compile with PIC, if requested.