new upstream release

Resolves: rhbz#1148889
Related: rhbz#1148895

.gitignore

@@ -44,3 +44,4 @@ gnutls-2.10.1-nosrp.tar.bz2
 /gnutls-3.3.6-hobbled.tar.xz
 /gnutls-3.3.7-hobbled.tar.xz
 /gnutls-3.3.8-hobbled.tar.xz
+/gnutls-3.3.9-hobbled.tar.xz

gnutls-3.3.8-mem-issue.patch

@@ -1,95 +0,0 @@
-diff --git a/lib/gnutls_x509.c b/lib/gnutls_x509.c
-index b102f4d..a4921f9 100644
---- a/lib/gnutls_x509.c
-+++ b/lib/gnutls_x509.c
-@@ -697,11 +697,11 @@ static int
- read_cert_url(gnutls_certificate_credentials_t res, const char *url)
- {
- 	int ret;
--	gnutls_x509_crt_t crt;
-+	gnutls_x509_crt_t crt = NULL;
- 	gnutls_pcert_st *ccert;
- 	gnutls_str_array_t names;
- 	gnutls_datum_t t = {NULL, 0};
--	unsigned i;
-+	unsigned i, count = 0;
- 
- 	_gnutls_str_array_init(&names);
- 
-@@ -729,13 +729,13 @@ read_cert_url(gnutls_certificate_credentials_t res, const char *url)
- 
- 	if (ret < 0) {
- 		gnutls_assert();
--		goto cleanup1;
-+		goto cleanup;
- 	}
- 
- 	ret = get_x509_name(crt, &names);
- 	if (ret < 0) {
- 		gnutls_assert();
--		goto cleanup1;
-+		goto cleanup;
- 	}
- 
- 	/* Try to load the whole certificate chain from the PKCS #11 token */
-@@ -747,17 +747,18 @@ read_cert_url(gnutls_certificate_credentials_t res, const char *url)
-                 }
- 
- 		ret = gnutls_pcert_import_x509(&ccert[i], crt, 0);
--		gnutls_x509_crt_deinit(crt);
--
- 		if (ret < 0) {
- 			gnutls_assert();
- 			goto cleanup;
- 		}
-+		count++;
- 
- 		ret = gnutls_pkcs11_get_raw_issuer(url, crt, &t, GNUTLS_X509_FMT_DER, 0);
- 		if (ret < 0)
- 			break;
--			
-+
-+		gnutls_x509_crt_deinit(crt);
-+		crt = NULL;
- 		ret = gnutls_x509_crt_init(&crt);
- 		if (ret < 0) {
- 			gnutls_assert();
-@@ -767,23 +768,25 @@ read_cert_url(gnutls_certificate_credentials_t res, const char *url)
- 		ret = gnutls_x509_crt_import(crt, &t, GNUTLS_X509_FMT_DER);
- 		if (ret < 0) {
- 			gnutls_assert();
--			goto cleanup1;
-+			goto cleanup;
- 		}
- 		gnutls_free(t.data);
- 		t.data = NULL;
- 	}
- 
--	ret = certificate_credential_append_crt_list(res, names, ccert, i+1);
-+	ret = certificate_credential_append_crt_list(res, names, ccert, count);
- 	if (ret < 0) {
- 		gnutls_assert();
- 		goto cleanup;
- 	}
- 
--	return 0;
--cleanup1:
--	gnutls_x509_crt_deinit(crt);
-+	if (crt != NULL)
-+		gnutls_x509_crt_deinit(crt);
- 
-+	return 0;
- cleanup:
-+	if (crt != NULL)
-+		gnutls_x509_crt_deinit(crt);
- 	gnutls_free(t.data);
- 	_gnutls_str_array_clear(&names);
- 	gnutls_free(ccert);
-@@ -959,7 +962,6 @@ static int check_if_sorted(gnutls_pcert_st * crt, int nr)
- 			ret = gnutls_x509_crt_init(&x509);
- 			if (ret < 0)
- 				return gnutls_assert_val(ret);
--
- 			ret =
- 			    gnutls_x509_crt_import(x509, &crt[i].cert,
- 						   GNUTLS_X509_FMT_DER);

gnutls.spec

@@ -2,8 +2,8 @@
 %bcond_with guile
 Summary: A TLS protocol implementation
 Name: gnutls
-Version: 3.3.8
-Release: 2%{?dist}
+Version: 3.3.9
+Release: 1%{?dist}
 # The libraries are LGPLv2.1+, utilities are GPLv3+
 License: GPLv3+ and LGPLv2+
 Group: System Environment/Libraries
@@ -32,7 +32,6 @@ Source0: %{name}-%{version}-hobbled.tar.xz
 Source1: libgnutls-config
 Source2: hobble-gnutls
 Patch1: gnutls-3.2.7-rpath.patch
-Patch2: gnutls-3.3.8-mem-issue.patch
 Patch3: gnutls-3.1.11-nosrp.patch
 Patch4: gnutls-3.3.6-default-policy.patch
 
@@ -135,7 +134,6 @@ This package contains Guile bindings for the library.
 %setup -q
 
 %patch1 -p1 -b .rpath
-%patch2 -p1 -b .mem-issue
 %patch3 -p1 -b .nosrp
 %patch4 -p1 -b .default-policy
 sed 's/gnutls_srp.c//g' -i lib/Makefile.in
@@ -274,6 +272,9 @@ fi
 %endif
 
 %changelog
+* Mon Oct 13 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.9-1
+- new upstream release
+
 * Fri Sep 19 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.8-2
 - strip rpath from library
 

sources

@@ -1 +1 @@
-7bf2abde9bd30ed8a422ba8e16d2de21  gnutls-3.3.8-hobbled.tar.xz
+856e0fbc6f63ef5bf80c0f78a1d57193  gnutls-3.3.9-hobbled.tar.xz