SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for libgnutls-devel-32bit-3.0.3-5.15.1.x86_64.rpm :

* Thu May 02 2013 shchangAATTsuse.com- Fix bug[ bnc#802651] CVE-2013-1619( gnutls): Luck-13 issue Add patch file: CVE-2013-1619.patch
* Thu Jan 31 2013 shchangAATTsuse.com- fix bug[ bnc#752193], modify CVE-2012-1663.patch update the bug fix CVE-2012-1663( gnutls double free)
* Mon Apr 23 2012 gjheAATTsuse.com- fix bug[bnc#752193] - VUL-0: gnutls double free CVE-2012-1663
* Thu Apr 12 2012 gjheAATTsuse.com- fix bug[bnc#753301] - VUL-0: gnutls/libtasn1 \"asn1_get_length_der()\" DER decoding issue CVE-2012-1569 and bug[bnc#754223] - GenericBlockCipher heap corruption DoS CVE-2012-1573
* Mon Feb 13 2012 gjheAATTsuse.com- fix Bug[bnc#739898] - VUL-1: CVE-2012-0390: GnuTLS DTLS plaintext recovery attack.
* Mon Oct 17 2011 vuntzAATTopensuse.org- Add gnutls-fix-crash-on-strcat.patch: make sure a string is nul-terminated before using strcat on it. Fix bnc#724421.
* Fri Sep 30 2011 uliAATTsuse.com- cross-build fix: configure with sysroot
* Sat Sep 24 2011 vuntzAATTopensuse.org- Add gnutls-fix-compression.patch: fix some decompression/compression issues that caused connection failures to some XMPP servers. Patch taken from git.
* Fri Sep 23 2011 meissnerAATTsuse.de- added libgnutls-devel to baselibs.conf for 32bit Wine on 64bit build
* Tue Sep 20 2011 vuntzAATTopensuse.org- Update to version 3.0.3: + libgnutls: - Added gnutls_record_get_discarded() to return the number of discarded records in a DTLS session. - All functions related to RSA-EXPORT were deprecated. - Memory leak fixes in credentials private key deinitialization. - Memory leak fixes in ECC ciphersuites. - Do not send an empty extension structure in server hello. This affected old implementations that do not support extensions. - Allow CA importing of 0 certificates to succeed. - Added support for VIA padlock AES optimizations. (disabled by default) - Added support for elliptic curves in PKCS #11. - Added gnutls_pkcs11_privkey_generate() to allow generating a key in a token. - gnutls_transport_set_lowat dummy macro was removed. + p11tool: Added generate-rsa, generate-dsa and generate-ecc options to allow generating private keys in the token.- Changes from version 3.0.2: + libgnutls: - OpenPGP certificate type is not enabled by default. - Added %NO_EXTENSIONS priority string. - Corrected issue in gnutls_record_recv() triggered on encryption or compression error. - Compatibility fixes in CPU ID detection for i386 and old GCC. - Corrected parsing of XMPP subject alternative names. - Allow for out-of-order ChangeCipherSpec message in DTLS. - gnutls_certificate_set_x509_key() and gnutls_certificate_set_openpgp_key() operate as in 2.10.x and allow the release of the private key during the lifetime of the certificate structure. + gnutls-cli: Benchmark applications were incorporated with it.- Changes from version 3.0.1: + libgnutls: - gnutls_certificate_set_x509_key_file() and friends support server name indication. If multiple certificates are set using these functions the proper one will be selected during a handshake. - Added AES-256-GCM which was left out from the previous release. - When asking for a PKCS# 11 PIN multiple times, the flags in the callback were not being updated to reflect for PIN low count or final try. - Do not allow second instances of PKCS #11 modules. - Fixed alignment issue in AES-NI code. - The config file at gnutls_pkcs11_init() is being read if provided. - Ensure that a certificate list specified using gnutls_certificate_set_x509_key() and friends, is sorted according to TLS specification (from subject to issuer). - Added GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED flag for gnutls_x509_crt_list_import. It checks whether the list to be imported is properly sorted. + crywrap: Added to the distribution. It is an application that proxies TLS session to a port using a plaintext service. + Many GTK-DOC improvements. + Updated translations.- Drop 0001-Included-appro-s-updates-to-AES-NI.patch, 0002-Added-note.GNU-stack-to-prevent-marking-the-library-.patch, 0003-Force-alignment-for-AES-NI-to-the-runtime-rather-tha.patch, 0006-Added-AES-256-GCM.-Reported-by-Benjamin-Hof.patch: all fixed upstream.- Drop call to autoreconf: it was only needed for the patches.- Add libidn-devel BuildRequires for the new crywrap tool.
* Mon Aug 29 2011 cooloAATTnovell.com- update baselibs.conf
* Wed Aug 17 2011 crrodriguezAATTopensuse.org- Update to version 3.0.0. many fixes see NEWS for details This changelog only describes important package changes or features.
* Main reason for update is to support Intel AES-NI CPU extensions.
* Bump sonames in the library package accordingly
* C++ apps must now buildrequire libgnutls++-devel
* Software using the openssl emulation must buildrequire libgnutls-openssl-devel or better use openssl directly.
* Upstream no longer uses libgcrypt but libnettle.
* Upstream now requires the use of p11-kit
* Add post-release upstream patches critical for improving AES-NI support.
* Thu Jun 23 2011 gjheAATTnovell.com- update to stable version 2.10.5
*
* libgnutls: Corrected verification of finished messages.
*
* libgnutls: Corrected signature generation and verification in the Certificate Verify message when in TLS 1.2. Reported by Todd A. Ouska.
*
* pkg-config gnutls.pc improvements. The file uses \'Requires.private\' for libtasn1 and libz when needed, instead of Libs.private. From Andreas Metzler.
*
* gnutls-serv: Corrected a buffer overflow. Reported and patch by Tomas Mraz.
*
* libgnutls: Use ASN1_NULL when writing parameters for RSA signatures. This makes us comply with RFC3279. Reported by Michael Rommel.
*
* libgnutls: Reverted default behavior for verification and introduced GNUTLS_VERIFY_DO_NOT_ALLOW_X509_V1_CA_CRT. Thus by default V1 trusted CAs are allowed, unless the new flag is specified.
*
* minitasn1: Updated to Libtasn1 2.9.
*
* bgnutls: Correctly add leading zero to PKCS #8 encoded DSA key. Reported by Jeffrey Walton.
*
* libgnutls: Corrected memory leak in extension data calculation. Reported by Mike Blumenkrantz.
*
* libgnutls: Remove trailing comma in enums in gnutls.h and x509.h.
*
* API and ABI modifications: No changes since last version.
* Mon Oct 11 2010 gjheAATTnovell.com- update to latest stable version 2.10.2
* tons of changes, see NEWS
* Sat Apr 24 2010 cooloAATTnovell.com- buildrequire pkg-config to fix provides
* Thu Apr 15 2010 meissnerAATTsuse.de- updated to stable 2.8.6
*
* libgnutls: For CSRs, don\'t null pad integers for RSA/DSA value. VeriSign rejected CSRs with this padding. Note: As a side effect of this change, the \"public key identifier\" value computed for a certificate using this version of GnuTLS will be different from values computed using earlier versions of GnuTLS.
*
* libgnutls: For CSRs on DSA keys, don\'t add DSA parameters to the optional SignatureAlgorithm parameter field. VeriSign rejected these CSRs. They are stricly speaking not needed since you need the signer\'s certificate to verify the certificate signature anyway.
*
* libgnutls: When checking openpgp self signature also check the signatures of all subkeys. Ilari Liusvaara noticed and reported the issue and provided test vectors as well.
*
* libgnutls: Cleanups and several bug fixes. Found by Steve Grubb and Tomas Mraz.
*
* Link libgcrypt explicitly to certtool, gnutls-cli, gnutls-serv.
*
* Fix --disable-valgrind-tests.
*
* examples: Use the new APIs for printing X.509 certificate information.
*
* i18n: Updated Czech, Dutch, French, Polish, Swedish and Vietnamese translations. Added Simplified Chinese translation.
* Tue Apr 06 2010 crrodriguezAATTopensuse.org- use system libtasn1 instead of the bundled copy
* Thu Feb 04 2010 meissnerAATTsuse.de- some build fixes.
* Thu Feb 04 2010 perAATTosbeck.com- updated to stable 2.8.5
* Fri Dec 25 2009 jengelhAATTmedozas.de- add baselibs.conf as a source- enable parallel building
* Wed Sep 02 2009 gjheAATTnovell.com- update to lastest stable version 2.8.3 [bnc#532750]
* Fri Mar 13 2009 jshiAATTsuse.de- fix security bug [bnc#457938] new CVE-2008-4989
  
ICM