main/mbedtls: security upgrade to 3.6.4

main/mbedtls/APKBUILD

@@ -2,7 +2,7 @@
 # Contributor: Łukasz Jendrysik <scadu@yandex.com>
 # Maintainer: Natanael Copa <ncopa@alpinelinux.org>
 pkgname=mbedtls
-pkgver=3.6.3.1 # long-time support branch
+pkgver=3.6.4 # long-time support branch
 pkgrel=0
 pkgdesc="Light-weight cryptographic and SSL/TLS library"
 url="https://www.trustedfirmware.org/projects/mbed-tls/"
@@ -10,7 +10,7 @@ arch="all"
 license="Apache-2.0 OR GPL-2.0-or-later"
 makedepends="cmake perl python3 samurai"
 subpackages="$pkgname-static $pkgname-dev $pkgname-utils"
-source="$pkgname-$pkgver.tar.gz::https://github.com/ARMmbed/mbedtls/archive/v$pkgver.tar.gz
+source="https://github.com/Mbed-TLS/mbedtls/releases/download/mbedtls-$pkgver/mbedtls-$pkgver.tar.bz2
 	gcc14.patch
 	"
 
@@ -18,6 +18,14 @@ source="$pkgname-$pkgver.tar.gz::https://github.com/ARMmbed/mbedtls/archive/v$pk
 # https://mbed-tls.readthedocs.io/en/latest/security-advisories/
 
 # secfixes:
+#   3.6.4-r0:
+#     - CVE-2025-47917
+#     - CVE-2025-48965
+#     - CVE-2025-49087
+#     - CVE-2025-49600
+#     - CVE-2025-49601
+#     - CVE-2025-52496
+#     - CVE-2025-52497
 #   3.6.3-r0:
 #     - CVE-2025-27809
 #     - CVE-2025-27810
@@ -94,6 +102,6 @@ utils() {
 }
 
 sha512sums="
-9cc483182fb4f5e8e383f707dd5efc83783a00c9db70217d9612199f57d1eba4428534c4e2aed4ddc291ef0487c9f4ea13a35602c824b96db139f85b59f67ef3  mbedtls-3.6.3.1.tar.gz
+6671fb8fcaa832e5b115dfdce8f78baa6a4aea71f5c89a640583634cdee27aefe3bf4be075744da91f7c3ae5ea4e0c765c8fc3937b5cfd9ea73d87ef496524da  mbedtls-3.6.4.tar.bz2
 3c07e8f773295a08b1f215b64f1f62e194ec4fa54b6485107a3db0d731e12df1a88321852dd5caeb5f1f4931695168c9618f316cfecfd92c42c88f610285cef6  gcc14.patch
 "