After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 734710 - Upgrade gnutls version to 3.x in modulesets targetting 3.14 and above
Upgrade gnutls version to 3.x in modulesets targetting 3.14 and above
Status: RESOLVED FIXED
Product: jhbuild
Classification: Infrastructure
Component: module sets
unspecified
Other Linux
: Normal normal
: ---
Assigned To: Jhbuild maintainers
Jhbuild QA
Depends on:
Blocks:
 
 
Reported: 2014-08-13 10:32 UTC by Eduardo Lima Mitev
Modified: 2014-08-14 18:23 UTC
See Also:
GNOME target: ---
GNOME version: ---


Description Eduardo Lima Mitev 2014-08-13 10:32:41 UTC 
Next release of WebKitGTK+ will depend on gnutls 3.0. Currently, support for the WebCryptography API <http://www.w3.org/TR/WebCryptoAPI/> is being added and will be based on 3.0 version of the gnutls API.

Hence, modulesets that target GNOME 3.14 and above need to bump version of gnutls.

Why 3.0 is required and not the current 2.12?

Gnutls prior to 3.0 uses libgcrypt to handle low-level crypto, while 3.0 and above uses nettle <http://www.lysator.liu.se/~nisse/nettle/>. Support for new algorithms and bug fixing in gnutls happens in 3.0, while 2.12 is just (barely) maintained. Hence, it is a safe-bet for WebKitGTK+ development to base its features in gnutls+nettle instead. 

Gnutls 3.0 is a fairly old release now (2012) and is shipped in stable versions of most distros. So it should be safe to assume its availability in the system.
Comment 1 Javier Jardón (IRC: jjardon) 2014-08-14 18:23:54 UTC 
Makes sense, I went ahed and upgraded to 3.1, as seems its the oldest maintained version and still old enough

commit 28667927d9cc505254c560df3ca95d61781d0394

Thanks for your bug report