SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for perl-IO-Socket-SSL-2.066-2.fc29.noarch.rpm :

* Mon Nov 25 2019 Petr Pisar - 2.066-2- Default to PROFILE=SYSTEM cipher list (bug #1775167)
* Wed Mar 06 2019 Paul Howarth - 2.066-1- Update to 2.066 - Make sure that Net::SSLeay::CTX_get0_param is defined before using X509_V_FLAG_PARTIAL_CHAIN; Net::SSLeay 1.85 defined only the second with LibreSSL 2.7.4 but not the first (CPAN RT#=128716) - Prefer AES for server side cipher default since it is usually hardware-accelerated - Fix test t/verify_partial_chain.t by using the newly exposed function can_partial_chain instead of guessing (wrongly) if the functionality is available
* Mon Mar 04 2019 Paul Howarth - 2.064-1- Update to 2.064 - Make algorithm for fingerprint optional, i.e. detect based on length of fingerprint (CPAN RT#127773) - Fix t/sessions.t and improve stability of t/verify_hostname.t on Windows - Use CTX_set_ecdh_auto when needed (OpenSSL 1.0.2) if explicit curves are set - Update fingerprints for live tests
* Sat Mar 02 2019 Paul Howarth - 2.063-1- Update to 2.063 - Support for both RSA and ECDSA certificate on same domain - Update PublicSuffix - Refuse to build if Net::SSLeay is compiled with one version of OpenSSL but then linked against another API-incompatible version (i.e. more than just the patchlevel differs)
* Mon Feb 25 2019 Paul Howarth - 2.062-1- Update to 2.062 - Enable X509_V_FLAG_PARTIAL_CHAIN if supported by Net::SSLeay (1.83+) and OpenSSL (1.1.0+); this makes leaf certificates or intermediate certificates in the trust store be usable as full trust anchors too
* Sat Feb 23 2019 Paul Howarth - 2.061-1- Update to 2.061 - Support for TLS 1.3 session reuse (needs Net::SSLeay ≥ 1.86); note that the previous (and undocumented) API for the session cache has been changed - Support for multiple curves, automatic setting of curves and setting of supported curves in client (needs Net::SSLeay ≥ 1.86) - Enable Post-Handshake-Authentication (TLSv1.3 feature) client-side when client certificates are provided (needs Net::SSLeay ≥ 1.86)
* Thu Feb 07 2019 Petr Pisar - 2.060-3- Client sends a post-handshake-authentication extension if a client key and a certificate are available (bug #1632660)
* Mon Sep 24 2018 Petr Pisar - 2.060-2- Prevent tests from dying on SIGPIPE (CPAN RT#126899)
* Mon Sep 17 2018 Paul Howarth - 2.060-1- Update to 2.060 - Support for TLS 1.3 with OpenSSL 1.1.1 (needs Net::SSLeay ≥ 1.86); see also CPAN RT#126899 - TLS 1.3 support is not complete yet for session reuse
* Tue Aug 21 2018 Petr Pisar - 2.059-2- Adapt to OpenSSL 1.1.1, it requires patched Net-SSLeay (bug #1616198)
* Thu Aug 16 2018 Paul Howarth - 2.059-1- Update to 2.059 - Fix memory leak when CRLs are used (CPAN RT#125867) - Fix memory leak when using stop_SSL and threads (https://rt.cpan.org/Ticket/Display.html?id=125867#txn-1797132)
* Thu Jul 19 2018 Paul Howarth - 2.058-1- Update to 2.058 - Fix memory leak that occurred with explicit stop_SSL in connection with non-blocking sockets or timeout (CPAN RT#125867) - Fix redefine warnings in case Socket6 is installed but neither IO::Socket::IP nor IO::Socket::INET6 (CPAN RT#124963) - IO::Socket::SSL::Intercept - optional \'serial\' argument can be starting number or callback to create serial number based on the original certificate - New function get_session_reused to check if a session got reused - IO::Socket::SSL::Utils::CERT_asHash: fingerprint_xxx now set to the correct value - Fix t/session_ticket.t: It failed with OpenSSL 1.1.
* since this version expects the extKeyUsage of clientAuth in the client cert also to be allowed by the CA if CA uses extKeyUsage
* Fri Jul 13 2018 Fedora Release Engineering - 2.056-3- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Thu Jun 28 2018 Jitka Plesnikova - 2.056-2- Perl 5.28 rebuild
* Mon Feb 19 2018 Paul Howarth - 2.056-1- Update to 2.056 - Intercept: Fix creation of serial number (basing it on binary digest instead of treating hex fingerprint as binary), allow use of own serial numbers again - t/io-socket-ip.t: Skip test if no IPv6 support on system (CPAN RT#124464) - Update PublicSuffix
* Thu Feb 15 2018 Paul Howarth - 2.055-1- Update to 2.055 - Use SNI also if hostname was given all-uppercase - Utils::CERT_create: Don\'t add authority key for issuer since Chrome does not like this - Intercept: - Change behavior of code-based cache to better support synchronizing within multiprocess/threaded set-ups - Don\'t use counter for serial number but somehow base it on original certificate in order to avoid conflicts with reuse of serial numbers after restart - Better support platforms without IPv6 (CPAN RT#124431) - Spelling fixes in documentation (CPAN RT#124306)
* Thu Feb 08 2018 Fedora Release Engineering - 2.054-2- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Mon Jan 22 2018 Paul Howarth - 2.054-1- Update to 2.054 - Small behavior fixes - If SSL_fingerprint is used and matches, don\'t check for OCSP - Utils::CERT_create: Small fixes to properly specific purpose, ability to use predefined complex purpose but disable some features - Update PublicSuffix - Updates for documentation, especially regarding pitfalls with forking or using non-blocking sockets, spelling fixes - Test fixes and improvements - Stability improvements for live tests - Regenerate certificates in certs/ and make sure they are limited to the correct purpose; check in program used to generate certificates - Adjust tests since certificates have changed and some tests used certificates intended for client authentication as server certificates, which now no longer works
  
ICM