SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for libgnutls-extra26-2.8.6-5.29.1.i586.rpm :

* Mon Jun 02 2014 citypwAATTgmail.com- Fixed bug[ bnc#880730], CVE-2014-3466: gnutls: Possible memory corruption during connect Add patch files: CVE-2014-3466.patch
* Wed Mar 05 2014 lijewski.stefanAATTgmail.com- Fixed bug [ bnc#865804] gnutls: CVE-2014-0092, insufficient X.509 certificate verification Add patch file: CVE-2014-0092.patch- Fixed CVE-2013-1619 - TLS-CBC timing attack- Fix build against libcrypt-1.5.3: patch: gnutls-2.8.6_libgcrypt150-fix.diff
* Thu Apr 12 2012 gjheAATTsuse.com- fix bug[bnc#753301] - VUL-0: gnutls/libtasn1 \"asn1_get_length_der()\" DER decoding issue CVE-2012-1569 and bug[bnc#754223] - GenericBlockCipher heap corruption DoS CVE-2012-1573
* Mon Feb 13 2012 gjheAATTsuse.com- fix Bug[bnc#739898] - GnuTLS DTLS plaintext recovery attack. CVE-2012-0390
* Mon Nov 14 2011 gjheAATTsuse.com- fix Bug[bnc#729486] - VUL-1: CVE-2011-4128: gnutls: buffer overflow CVE-2011-4128
* Sat Apr 24 2010 cooloAATTnovell.com- buildrequire pkg-config to fix provides
* Thu Apr 15 2010 meissnerAATTsuse.de- updated to stable 2.8.6
*
* libgnutls: For CSRs, don\'t null pad integers for RSA/DSA value. VeriSign rejected CSRs with this padding. Note: As a side effect of this change, the \"public key identifier\" value computed for a certificate using this version of GnuTLS will be different from values computed using earlier versions of GnuTLS.
*
* libgnutls: For CSRs on DSA keys, don\'t add DSA parameters to the optional SignatureAlgorithm parameter field. VeriSign rejected these CSRs. They are stricly speaking not needed since you need the signer\'s certificate to verify the certificate signature anyway.
*
* libgnutls: When checking openpgp self signature also check the signatures of all subkeys. Ilari Liusvaara noticed and reported the issue and provided test vectors as well.
*
* libgnutls: Cleanups and several bug fixes. Found by Steve Grubb and Tomas Mraz.
*
* Link libgcrypt explicitly to certtool, gnutls-cli, gnutls-serv.
*
* Fix --disable-valgrind-tests.
*
* examples: Use the new APIs for printing X.509 certificate information.
*
* i18n: Updated Czech, Dutch, French, Polish, Swedish and Vietnamese translations. Added Simplified Chinese translation.
* Tue Apr 06 2010 crrodriguezAATTopensuse.org- use system libtasn1 instead of the bundled copy
* Thu Feb 04 2010 meissnerAATTsuse.de- some build fixes.
* Thu Feb 04 2010 perAATTosbeck.com- updated to stable 2.8.5
* Fri Dec 25 2009 jengelhAATTmedozas.de- add baselibs.conf as a source- enable parallel building
* Wed Sep 02 2009 gjheAATTnovell.com- update to lastest stable version 2.8.3 [bnc#532750]
* Fri Mar 13 2009 jshiAATTsuse.de- fix security bug [bnc#457938] new CVE-2008-4989
  
ICM