Enclosed diff updates openconnect to 8.10, which fixes a potential
buffer overflow with GnuTLS describing local certs (CVE-2020-12823).
Changes: https://www.infradead.org/openconnect/changelog.html
Run tested on amd64.
I think it makes sense to push this to 6.7 as well.
Comments/OK?
diff --git Makefile Makefile
index c9b56144549..9a938c2b264 100644
--- Makefile
+++ Makefile
@@ -2,7 +2,7 @@
COMMENT= client for Cisco AnyConnect SSL VPN
-DISTNAME= openconnect-8.08
+DISTNAME= openconnect-8.10
SHARED_LIBS += openconnect 4.5 # 5.6
@@ -43,7 +43,8 @@ LIB_DEPENDS= archivers/lz4 \
# further work
TEST_DEPENDS= net/ocserv
-FAKE_FLAGS= pkgdatadir=${PREFIX}/share/doc/openconnect
+FAKE_FLAGS=
bashcompletiondir=${PREFIX}/share/examples/openconnect/bash_completion.d \
+ pkgdatadir=${PREFIX}/share/doc/openconnect
CONFIGURE_STYLE= gnu
CONFIGURE_ENV= CPPFLAGS="-I${LOCALBASE}/include" \
diff --git distinfo distinfo
index ac8f211db28..e6753496aa5 100644
--- distinfo
+++ distinfo
@@ -1,2 +1,2 @@
-SHA256 (openconnect-8.08.tar.gz) = t0sw66u9SAEFbkbANz5x89QcdbgF/Mfuj8WG/lWTeeg=
-SIZE (openconnect-8.08.tar.gz) = 2038269
+SHA256 (openconnect-8.10.tar.gz) = MOZMbspL5Hu/HWH1PcADxmISE3ONTqejXlzxrC3purE=
+SIZE (openconnect-8.10.tar.gz) = 2084534
diff --git pkg/PLIST pkg/PLIST
index 682b39d4649..a75701c0230 100644
--- pkg/PLIST
+++ pkg/PLIST
@@ -50,6 +50,11 @@ share/doc/openconnect/tncc.html
share/doc/openconnect/token.html
share/doc/openconnect/tpm.html
share/doc/openconnect/vpnc-script.html
+share/examples/openconnect/
+share/examples/openconnect/bash_completion.d/
+@sample ${SYSCONFDIR}/bash_completion.d/
+share/examples/openconnect/bash_completion.d/openconnect
+@sample ${SYSCONFDIR}/bash_completion.d/openconnect
share/locale/ar/LC_MESSAGES/openconnect.mo
share/locale/bs/LC_MESSAGES/openconnect.mo
share/locale/ca/LC_MESSAGES/openconnect.mo
