gnutls: upgrade 3.7.7 -> 3.7.11 to address CVE-2023-5981, CVE-2024-28835, CVE-2024-28834 & CVE-2024-0553 (#10578)

Changelog: https://gitlab.com/gnutls/gnutls/-/blob/3.7.11/NEWS
Signed-off-by: Muhammad Falak R Wani <[email protected]>

Author: mfrw

SPECS/gnutls/gnutls.signatures.json

@@ -1,5 +1,5 @@
 {
  "Signatures": {
-  "gnutls-3.7.7.tar.xz": "be9143d0d58eab64dba9b77114aaafac529b6c0d7e81de6bdf1c9b59027d2106"
+  "gnutls-3.7.11.tar.xz": "90e337504031ef7d3077ab1a52ca8bac9b2f72bc454c95365a1cd1e0e81e06e9"
  }
 }

SPECS/gnutls/gnutls.spec

@@ -1,15 +1,13 @@
 Summary:        The GnuTLS Transport Layer Security Library
 Name:           gnutls
-Version:        3.7.7
-Release:        4%{?dist}
+Version:        3.7.11
+Release:        1%{?dist}
 License:        GPLv3+ AND LGPLv2.1+
 Vendor:         Microsoft Corporation
 Distribution:   Mariner
 Group:          System Environment/Libraries
 URL:            https://www.gnutls.org
 Source0:        https://www.gnupg.org/ftp/gcrypt/gnutls/v3.7/%{name}-%{version}.tar.xz
-Patch0:         CVE-2023-0361.patch
-Patch1:         CVE-2024-0567.patch
 BuildRequires:  autogen-libopts-devel
 BuildRequires:  gc-devel
 BuildRequires:  guile-devel
@@ -96,6 +94,10 @@ sed -i 's/TESTS += test-ciphers-openssl.sh//'  tests/slow/Makefile.am
 %{_mandir}/man3/*
 
 %changelog
+* Mon Sep 30 2024 Muhammad Falak <[email protected]> - 3.7.11-1
+- Upgrade to v3.7.11 to address CVE-2023-5981, CVE-2024-28835, CVE-2024-28834, CVE-2024-0553
+- Drop patches which are already included in the source.
+
 * Wed Sep 20 2023 Zhichun Wan <[email protected]> - 3.7.7-4
 - Add patch to fix CVE-2024-0567
 

cgmanifest.json

@@ -4570,8 +4570,8 @@
         "type": "other",
         "other": {
           "name": "gnutls",
-          "version": "3.7.7",
-          "downloadUrl": "https://www.gnupg.org/ftp/gcrypt/gnutls/v3.7/gnutls-3.7.7.tar.xz"
+          "version": "3.7.11",
+          "downloadUrl": "https://www.gnupg.org/ftp/gcrypt/gnutls/v3.7/gnutls-3.7.11.tar.xz"
         }
       }
     },