From c17dc39d1f27d1d99e44dccd19c2a8fdb1bf2eea Mon Sep 17 00:00:00 2001
From: jasper <jasper@openbsd.org>
Date: Wed, 12 Nov 2008 17:09:25 +0000
Subject: [PATCH] - SECURITY UPDATE of gnutls to 2.6.1 fixes CVE-2008-4989:
 GnuTLS Library X.509 Certificate Chain Validation Vulnerability

ok landry@ naddy@
---
 security/gnutls/Makefile                      |  4 ++--
 security/gnutls/distinfo                      | 10 ++++-----
 .../gnutls/patches/patch-libextra_fipsmd5_c   | 21 -------------------
 3 files changed, 7 insertions(+), 28 deletions(-)
 delete mode 100644 security/gnutls/patches/patch-libextra_fipsmd5_c

diff --git a/security/gnutls/Makefile b/security/gnutls/Makefile
index 132de2797d9..eeec77ac966 100644
--- a/security/gnutls/Makefile
+++ b/security/gnutls/Makefile
@@ -1,8 +1,8 @@
-# $OpenBSD: Makefile,v 1.15 2008/10/26 10:50:37 landry Exp $
+# $OpenBSD: Makefile,v 1.16 2008/11/12 17:09:25 jasper Exp $
 
 COMMENT=	GNU Transport Layer Security library
 
-DISTNAME=	gnutls-2.6.0
+DISTNAME=	gnutls-2.6.1
 CATEGORIES=	security
 SHARED_LIBS=	gnutls-extra	14.0 \
 		gnutls-openssl	14.0 \
diff --git a/security/gnutls/distinfo b/security/gnutls/distinfo
index 8d60e26e19a..8831d0253b3 100644
--- a/security/gnutls/distinfo
+++ b/security/gnutls/distinfo
@@ -1,5 +1,5 @@
-MD5 (gnutls-2.6.0.tar.bz2) = B17Vu3uCrqmJKSX1kIiN4w==
-RMD160 (gnutls-2.6.0.tar.bz2) = HZJmLt1k6T5lj8Un8d+/yZqzodo=
-SHA1 (gnutls-2.6.0.tar.bz2) = u9nl86d7/L71p2nGfRV256bkvaU=
-SHA256 (gnutls-2.6.0.tar.bz2) = knCj6rmpNxg5r3m+ktULiyHn++FX6+kV7a6ONS9On7U=
-SIZE (gnutls-2.6.0.tar.bz2) = 5112845
+MD5 (gnutls-2.6.1.tar.bz2) = HOpT11L17dW68Q3TMQtUkg==
+RMD160 (gnutls-2.6.1.tar.bz2) = w5U5vV1OB9wJ9YJ6jCLYdicrS7w=
+SHA1 (gnutls-2.6.1.tar.bz2) = pEXoQXa/dyeU252McdVRXe2xS8w=
+SHA256 (gnutls-2.6.1.tar.bz2) = M+cEIwj4l63MNuM+16xgc0SG4Dez+yJGXFTvYKKF0Kc=
+SIZE (gnutls-2.6.1.tar.bz2) = 5113327
diff --git a/security/gnutls/patches/patch-libextra_fipsmd5_c b/security/gnutls/patches/patch-libextra_fipsmd5_c
deleted file mode 100644
index b82cdee0372..00000000000
--- a/security/gnutls/patches/patch-libextra_fipsmd5_c
+++ /dev/null
@@ -1,21 +0,0 @@
-$OpenBSD: patch-libextra_fipsmd5_c,v 1.1 2008/10/26 10:50:37 landry Exp $
---- libextra/fipsmd5.c.orig	Thu Oct 23 20:40:26 2008
-+++ libextra/fipsmd5.c	Thu Oct 23 20:40:43 2008
-@@ -194,7 +194,7 @@ hmacmd5deinit (void *ctx)
-   gnutls_free (p);
- }
- 
--gnutls_crypto_single_digest_st dig =
-+static gnutls_crypto_single_digest_st dig =
-   {
-     md5init,
-     NULL,
-@@ -204,7 +204,7 @@ gnutls_crypto_single_digest_st dig =
-     md5deinit
-   };
- 
--gnutls_crypto_single_mac_st mac =
-+static gnutls_crypto_single_mac_st mac =
-   {
-     hmacmd5init,
-     hmacmd5setkey,