gnutls35: 3.5.5 -> 3.5.8

Fixes the following security issues:

  * CVE-2017-5334
  * CVE-2017-5335
  * CVE-2017-5336
  * CVE-2017-5337

See https://www.gnutls.org/news.html#2017-01-09 for more information.

pkgs/development/libraries/gnutls/3.5.nix

@@ -1,10 +1,12 @@
-{ callPackage, fetchurl, autoreconfHook, ... } @ args:
+{ callPackage, fetchurl, libunistring, ... } @ args:
 
 callPackage ./generic.nix (args // rec {
-  version = "3.5.5";
+  version = "3.5.8";
 
   src = fetchurl {
     url = "ftp://ftp.gnutls.org/gcrypt/gnutls/v3.5/gnutls-${version}.tar.xz";
-    sha256 = "0ag5q3dfxzv0dmqy7q0a8y74yc3m5yzvjrp324l6vqafh3klz6c6";
+    sha256 = "1zyl2z63s68hx1dpxqx0lykmlf3rwrzlrf44sq3h7dvjmr1z55qf";
   };
+
+  buildInputs = [ libunistring ];
 })

pkgs/development/libraries/gnutls/generic.nix

@@ -4,6 +4,7 @@
 
 # Version dependent args
 , version, src, patches ? [], postPatch ? "", nativeBuildInputs ? []
+, buildInputs ? []
 , ...}:
 
 assert guileBindings -> guile != null;
@@ -41,7 +42,8 @@ stdenv.mkDerivation {
     ++ lib.optional (stdenv.isFreeBSD || stdenv.isDarwin) libiconv
     ++ lib.optional (tpmSupport && stdenv.isLinux) trousers
     ++ [ unbound ]
-    ++ lib.optional guileBindings guile;
+    ++ lib.optional guileBindings guile
+    ++ buildInputs;
 
   nativeBuildInputs = [ perl pkgconfig ] ++ nativeBuildInputs;
 
@@ -75,7 +77,7 @@ stdenv.mkDerivation {
 
     homepage = http://www.gnu.org/software/gnutls/;
     license = licenses.lgpl21Plus;
-    maintainers = with maintainers; [ eelco wkennington ];
+    maintainers = with maintainers; [ eelco wkennington fpletz ];
     platforms = platforms.all;
   };
 }