SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for libgnutls-extra26-2.8.6-5.1.x86_64.rpm :
Wed Mar 5 13:00:00 2014 lijewski.stefanAATTgmail.com
- Fixed bug [ bnc#865804] gnutls: CVE-2014-0092, insufficient X.509 certificate verification
Add patch file: CVE-2014-0092.patch
- Fixed CVE-2013-1619 - TLS-CBC timing attack
- Fix build against libcrypt-1.5.3:
patch: gnutls-2.8.6_libgcrypt150-fix.diff

Thu Apr 12 14:00:00 2012 gjheAATTsuse.com
- fix bug[bnc#753301] - VUL-0: gnutls/libtasn1
\"asn1_get_length_der()\" DER decoding issue
CVE-2012-1569
and bug[bnc#754223] - GenericBlockCipher heap corruption DoS
CVE-2012-1573

Mon Feb 13 13:00:00 2012 gjheAATTsuse.com
- fix Bug[bnc#739898] - GnuTLS DTLS plaintext recovery attack.
CVE-2012-0390

Mon Nov 14 13:00:00 2011 gjheAATTsuse.com
- fix Bug[bnc#729486] - VUL-1: CVE-2011-4128: gnutls: buffer overflow
CVE-2011-4128

Sat Apr 24 14:00:00 2010 cooloAATTnovell.com
- buildrequire pkg-config to fix provides

Thu Apr 15 14:00:00 2010 meissnerAATTsuse.de
- updated to stable 2.8.6

*
* libgnutls: For CSRs, don\'t null pad integers for RSA/DSA value.
VeriSign rejected CSRs with this padding.
Note: As a side effect of this change, the \"public key identifier\"
value computed for a certificate using this version of GnuTLS will be
different from values computed using earlier versions of GnuTLS.

*
* libgnutls: For CSRs on DSA keys, don\'t add DSA parameters to the
optional SignatureAlgorithm parameter field.
VeriSign rejected these CSRs. They are stricly speaking not needed
since you need the signer\'s certificate to verify the certificate
signature anyway.

*
* libgnutls: When checking openpgp self signature also check the signatures
of all subkeys.
Ilari Liusvaara noticed and reported the issue and provided test
vectors as well.

*
* libgnutls: Cleanups and several bug fixes.
Found by Steve Grubb and Tomas Mraz.

*
* Link libgcrypt explicitly to certtool, gnutls-cli, gnutls-serv.

*
* Fix --disable-valgrind-tests.

*
* examples: Use the new APIs for printing X.509 certificate information.

*
* i18n: Updated Czech, Dutch, French, Polish, Swedish and Vietnamese
translations. Added Simplified Chinese translation.

Tue Apr 6 14:00:00 2010 crrodriguezAATTopensuse.org
- use system libtasn1 instead of the bundled copy

Thu Feb 4 13:00:00 2010 meissnerAATTsuse.de
- some build fixes.

Thu Feb 4 13:00:00 2010 perAATTosbeck.com
- updated to stable 2.8.5

Fri Dec 25 13:00:00 2009 jengelhAATTmedozas.de
- add baselibs.conf as a source
- enable parallel building

Wed Sep 2 14:00:00 2009 gjheAATTnovell.com
- update to lastest stable version 2.8.3
[bnc#532750]

Fri Mar 13 13:00:00 2009 jshiAATTsuse.de
- fix security bug [bnc#457938]
new CVE-2008-4989


  
ICM