SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for libgnutls-extra26-2.4.1-24.3.i586.rpm :
Thu Aug 27 14:00:00 2009 gjheAATTsuse.de
- fix security bug [bnc#528372]
new CVE-2009-2730

Mon Mar 16 13:00:00 2009 jshiAATTsuse.de
- fix security bug [bnc#457938]
new CVE-2008-4989

Wed Dec 10 13:00:00 2008 olhAATTsuse.de
- use Obsoletes: -XXbit only for ppc64 to help solver during distupgrade
(bnc#437293)

Fri Nov 28 13:00:00 2008 jshiAATTsuse.de
- fix security bug [bnc#441856]
CVE-2008-4989

Thu Oct 30 13:00:00 2008 olhAATTsuse.de
- obsolete old -XXbit packages (bnc#437293)

Sat Aug 2 14:00:00 2008 meissnerAATTsuse.de
- run testsuite

Thu Jul 17 14:00:00 2008 mkoenigAATTsuse.de
- update to version 2.4.1

* libgnutls: Fix local crash in gnutls_handshake

* libgnutls: Fix memory leaks when doing a re-handshake

* Fix compiler warnings

* Fix ordering of -I\'s to avoid opencdk.h conflict with
system headers

* srptool: Fix a problem where --verify check does not succeed
- remove C++ wrapper lib, it is not usable without SRP
- remove patch
gnutls-1.6.1-srptool.patch

Wed Jul 2 14:00:00 2008 mkoenigAATTsuse.de
- remove gnutls main package from baselibs.conf

Thu Jun 26 14:00:00 2008 mkoenigAATTsuse.de
- update to version 2.4.0

* The OpenPGP sub-system has been improved and now supports subkeys

* The PSK sub-system has been improved and now supports password
derivation and PSK identity hints

* The certtool --inder and --outder has been replaced
by --inraw and --outraw

* New APIs to access the raw X.509 Subject and Issuer DN\'s and
elements from the certificate credentials structure

* New APIs to improve working with username/passwords and PSK

* Names of constants to affect certificate printing changed

* The function gnutls_openpgp_privkey_get_id has been renamed to
gnutls_openpgp_privkey_get_key_id

* API/ABI changes in GnuTLS 2.4
All OpenPGP related functions have been moved from
libgnutls-extra to libgnutls, and several new functions have
been added
- remove SRP functionality from C++ wrapper, otherwise it cannot
be linked against it
- removed patches
gnutls-2.2.2-uninitialized.patch
gnutls-char-signedness.patch
gnutls-GNUTLS_SA_2008_1.patch

Mon Jun 23 14:00:00 2008 mkoenigAATTsuse.de
- disable SRP [bnc#65192]

Wed May 21 14:00:00 2008 mkoenigAATTsuse.de
- fix three security bugs [bnc#392947]
CVE-2008-1948 GNUTLS-SA-2008-1-1
Fix crash when sending invalid server name
CVE-2008-1949 GNUTLS-SA-2008-1-2
Fix crash when sending repeated client hellos
CVE-2008-1950 GNUTLS-SA-2008-1-3
Fix crash in cipher padding decoding for invalid record lengths

Thu May 8 14:00:00 2008 mkoenigAATTsuse.de
- fix build

Tue Apr 29 14:00:00 2008 cthielAATTsuse.de
- obsolete gnutls- via baselibs.conf

Thu Apr 10 14:00:00 2008 roAATTsuse.de
- added baselibs.conf file to build xxbit packages
for multilib support

Thu Apr 3 14:00:00 2008 mkoenigAATTsuse.de
- update to version 2.2.2

* Cipher priority string handling now handle strings that
starts with NULL

* Corrected memory leaks in session resuming and DHE ciphersuites

* Increased the default certificate verification chain limits and
allowed for checks without limitation

* Corrected the behaviour of gnutls_x509_crt_get_subject_alt_name()
and gnutls_x509_crt_get_subject_alt_name() to not null terminate
binary strings and return the proper size

Thu Jan 31 13:00:00 2008 mkoenigAATTsuse.de
- update to version 2.2.1

* Fixes the post_client_hello_function()

* Fix for certificate selection in servers with certificate callbacks

* certtool: Fixed data corruption when using --outder

* TLS authorization support removed.

* Corrected bug which did not allow a server to run without
supporting certificates

* Introduced gnutls_session_enable_compatibility_mode()

* Added gnutls_record_disable_padding() to allow servers talking to
buggy clients

* Fixed PKCS #3 parameter export

* Added support for Camellia cipher

* certtool: Add option --quick-random

* Added capability to set a callback after the client hello is
received by the server in order to adjust parameters before
the handshake

* certtool: Fixed data corruption when using --outder

* SRP was corrected to adhere to the latest draft

* Updated the DN parser

* Added support for DSA2 using libgcrypt 1.3.0

* Removed all the trustdb code from openpgp authentication.
We now use only the well-specified keyrings

* The gnutls_certificate_set_openpgp_
* functions were modified
to include the format. This makes the interface consistent with
the x509 functions

* Introduced gnutls_session_enable_compatibility_mode()

* Added gnutls_set_default_priority2()

* Added priority functions that accept strings

* certtool: Add option --disable-quick-random to enable the
old behaviour of using /dev/random to generate keys

* Added the --v1 option to certtool, to allow generating X.509
version 1 certificates

* Fix PKCS#3 parameter export problem

* Fixed GNUTLS_E_UNKNOWN_ALGORITHM vs GNUTLS_E_UNKNOWN_HASH_ALGORITHM

* gnutls_certificate_set_x509_key_
* can now read PKCS #8 unencrypted
private keys

* Introduced the GNUTLS_E_BASE64_UNEXPECTED_HEADER_ERROR error code

* Added the --to-p8 option to certtool to convert private keys
to PKCS #8 keys

* Corrected bug in decompression of expanded compression data

* The gnutls_
*_convert_priority() functions were deprecated

* gnutls-cli and gnutls-serv now have a --priority option

* PKCS #8 parser can now encode/decode DSA keys

* Corrected a segfault when setting an empty gnutls_priority_t
at gnutls_priority_set()

* Added gnutls_x509_crt_get_subject_alt_name2()

* The GPL version has been changed from version 2 to version 3.
This affects the self-tests, command-line tools, the libgnutls-extra
library, the relevant guile parts, and the build environment
- API and ABI modifications, library soname switch from 13 to 26
- change package structure:

* branch off libgnutls-extra
since this is now GPLv3 or later while libgnutls remains
LGPLv2.1 or later

* gnutls license change to GPLv3
- build without lzo support to avoid license problems
since lzo is currently GPLv2 only
- removed merged patches:
gnutls-fix_size_t.patch

Tue Oct 23 14:00:00 2007 mkoenigAATTsuse.de
- update to version 2.0.1
- change package layout to conform shlib policy:
rename gnutls-devel -> libgnutls-devel
new subpackage libgnutls13
- removed patches:
gnutls-1.4.4-sign-callback.patch
gnutls-1.6.1-compiler_warnings.patch

Thu Aug 30 14:00:00 2007 mkoenigAATTsuse.de
- fix srptool [#208227]
- fix some compiler warnings

Fri Aug 3 14:00:00 2007 hvogelAATTsuse.de
- Some additions for evolution smart card support

Thu May 10 14:00:00 2007 mkoenigAATTsuse.de
- Fix segfault on s390x [#97441]
gnutls-fix_size_t.patch

Tue Jan 23 13:00:00 2007 mkoenigAATTsuse.de
- update to new stable branch 1.6.1:

* Fix the list of trusted CAs that server\'s send to clients.

* Fix gnutls_certificate_set_x509_crl to initialize the CRL
before using it.

* Encode UID fields in DN\'s as DirectoryString.

* Fix ./configure failure with non-GCC compilers.

* A GnuTLS C++ library is part of the official distribution.

* New APIs for custom push/pull function error reporting.

Tue Oct 24 14:00:00 2006 mkoenigAATTsuse.de
- move developer related docs to devel package and remove
binary stuff from docs [#212454]

Tue Sep 19 14:00:00 2006 mkoenigAATTsuse.de
- update to version 1.4.4:

* bugfix release

* fixes security vulnerability [#206636] (CVE-2006-4790)

Thu Aug 31 14:00:00 2006 mkoenigAATTsuse.de
- update to new stable branch 1.4.1:

* The command line tools now use getaddrinfo and support IPv6.

* gnutls-cli can now recognize services and port numbers with
the -p option.

* Error messages are now translated using GNU Gettext.

* GnuTLS now support TLS Inner application (TLS/IA).

* API and ABI modifications:
+ Support for DHE-PSK cipher suites has been added.
+ Removed the RIPEMD ciphersuites.
+ Remove GnuTLS 0.8.x compatibility functions.
+ Support for TLS Pre-Shared Key (TLS-PSK) ciphersuites have
been added.
+ Certtool now generate keys in unencrypted PKCS#8 format for
empty passwords.
+ Certtool now accept --password for --key-info and encrypted
PKCS#8 keys.
+ gnutls_x509_privkey_import_pkcs8 now accept unencrypted
PEM PKCS#8 keys,
+ New function to set a X.509 private key and certificate
pairs, and/or CRLs, from an PKCS#12 file.
+ New APIs to acceess the client and server random fields in
a session.
+ New APIs to access the TLS Pseudo-Random-Function (PRF).
+ New API to access the TLS master secret.
+ The function gnutls_x509_crt_to_xml now return an internal
error.

* Several bugfixes:
+ Corrected a bug in certtool for 64 bit machines.
+ Fix gnutls-cli STARTTLS hang when SIGINT is sent too quickly.
+ Fix crash in TLS resume code, caused by TLS/IA changes.
+ Corrected bugs in gnutls_certificate_set_x509_crl() and
gnutls_certificate_set_x509_trust().
+ Fixed bug in non-blocking gnutls_bye().
+ Fix read of out bounds bug in DER parser.
+ Fixed bug in OpenPGP authentication handshake.


 
ICM