SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for gnutls-devel-3.7.6-23.el9.x86_64.rpm :

* Sat Jul 29 2023 Daiki Ueno - 3.7.6-23- Mark SHA-1 signature verification non-approved in FIPS (#2102751)
* Tue Jul 18 2023 Daiki Ueno - 3.7.6-22- Skip KTLS test on old kernel if host and target arches are different
* Thu Jul 13 2023 Daiki Ueno - 3.7.6-21- Require use of extended master secret in FIPS mode by default (#2157953)
* Tue Mar 14 2023 Daiki Ueno - 3.7.6-20- Fix the previous change (#2175214)
* Fri Mar 10 2023 Daiki Ueno - 3.7.6-19- Bump release to ensure el9 package is greater than el9_
* packages (#2175214)
* Tue Feb 28 2023 Daiki Ueno - 3.7.6-18- Update gnutls-3.7.8-fips-pct-dh.patch to the upstream version (#2168143)
* Fri Feb 10 2023 Daiki Ueno - 3.7.6-17- Fix timing side-channel in TLS RSA key exchange (#2162601)
* Fri Feb 10 2023 Daiki Ueno - 3.7.6-16- fips: extend PCT to DH key generation (#2168143)
* Thu Dec 15 2022 Zoltan Fridrich - 3.7.6-15- fips: rename hmac file to its previous name (#2148269)
* Tue Nov 22 2022 Daiki Ueno - 3.7.6-14- cipher: add restriction on CCM tag length under FIPS mode (#2137807)- nettle: mark non-compliant RSA-PSS salt length to be not-approved (#2143266)
* Tue Nov 15 2022 Zoltan Fridrich - 3.7.6-13- fips: make XTS key check failure not fatal (#2130971)- enable source archive verification again (#2127094)- clear server\'s session ticket indication at rehandshake (#2136072)- crypto-api: add block cipher API with automatic padding (#2084161)- fips: remove library path checking from FIPS integrity check (#2140908)
* Tue Sep 27 2022 Daiki Ueno - 3.7.6-12- fips: mark PBKDF2 with short key and output sizes non-approved- fips: only mark HMAC as approved in PBKDF2- fips: mark gnutls_key_generate with short key sizes non-approved- fips: fix checking on hash algorithm used in ECDSA- fips: preserve operation context around FIPS selftests API
* Fri Aug 26 2022 Daiki Ueno - 3.7.6-11- Supply --with{,out}-{zlib,brotli,zstd} explicitly
* Thu Aug 25 2022 Daiki Ueno - 3.7.6-10- Revert nettle version pinning as it doesn\'t work well in side-tag
* Thu Aug 25 2022 Daiki Ueno - 3.7.6-9- Pin nettle version in Requires when compiled with FIPS
* Tue Aug 23 2022 Daiki Ueno - 3.7.6-8- Bundle GMP to privatize memory functions- Disable certificate compression support by default
* Tue Aug 23 2022 Daiki Ueno - 3.7.6-7- Update gnutls-3.7.6-cpuid-fixes.patch
* Sat Aug 20 2022 Daiki Ueno - 3.7.6-6- Mark RSA SigVer operation approved for known modulus sizes (#2091903)- accelerated: clear AVX bits if it cannot be queried through XSAVE
* Thu Aug 04 2022 Daiki Ueno - 3.7.6-5- Block DES-CBC usage in decrypting PKCS#12 bag under FIPS (#2115244)- sysrng: reseed source DRBG for prediction resistance
* Fri Jul 29 2022 Daiki Ueno - 3.7.6-4- Make gnutls-cli work with KTLS for testing- Fix double-free in gnutls_pkcs7_verify (#2109790)
* Mon Jul 25 2022 Daiki Ueno - 3.7.6-3- Limit input size for AES-GCM according to SP800-38D (#2095251)- Do not treat GPG verification errors as fatal- Remove gnutls-3.7.6-libgnutlsxx-const.patch
* Tue Jul 19 2022 Daiki Ueno - 3.7.6-2- Allow enabling KTLS with config file (#2042009)
* Fri Jul 01 2022 Daiki Ueno - 3.7.6-1- Update to gnutls 3.7.6 (#2097327)
* Thu Mar 31 2022 Daiki Ueno - 3.7.3-10- Use only the first component of VERSION from /etc/os-release (#2070249)- Don\'t run power-on self-tests on DSA (#2061325)
* Fri Feb 25 2022 Daiki Ueno - 3.7.3-9- Stop using typeof keyword for tss2 function prototypes (#2057490)- Ensure allowlist API is called before priority string construction (#1975421)
* Thu Feb 24 2022 Daiki Ueno - 3.7.3-8- Fix previous change for loading libtss2
* (#2057490)
* Wed Feb 23 2022 Daiki Ueno - 3.7.3-7- Increase GNUTLS_MAX_ALGORITHM_NUM for allowlisting (#2033220)- Ensure allowlisting API is called before priority string is constructed (#2042532)- Use dlopen for loading libtss2
* to avoid OpenSSL dependency (#2057490)
* Tue Feb 22 2022 Daiki Ueno - 3.7.3-6- Compile out GOST algorithm IDs (#1945292)
* Thu Feb 17 2022 Zoltan Fridrich - 3.7.3-5- Fix upstream testsuite in fips mode (#2051637)
* Wed Feb 16 2022 Daiki Ueno - 3.7.3-4- Specify FIPS140-3 module name and version- fips: allow a few more primes in RSA key generation- fips: tighten PKCS#12 algorithm checks- Correct return value of KTLS stub API
* Tue Feb 15 2022 Zoltan Fridrich - 3.7.3-3- Disable config reload in order to not break allowlisting (#2042532)
* Wed Feb 02 2022 Daiki Ueno - 3.7.3-2- Build with TPM2 support, patch from Alexander Sosedkin (#2033220)
* Tue Jan 18 2022 Daiki Ueno - 3.7.3-1- Update to gnutls 3.7.3 (#2033220)
* Wed Dec 22 2021 Daiki Ueno - 3.7.2-10- Update gnutls_{hash,hmac}_copy man-pages as well (#1999639)
* Wed Dec 22 2021 Daiki Ueno - 3.7.2-9- Drop support for GNUTLS_NO_EXPLICIT_INIT envvar in favor of GNUTLS_NO_IMPLICIT_INIT (#1999639)- Expand documentation of gnutls_{hash,hmac}_copy, mentioning that those do not always work (#1999639)
* Tue Dec 21 2021 Daiki Ueno - 3.7.2-9- Fix race condition when resolving SYSTEM priority in allowlisting mode (#2012249)
* Thu Oct 21 2021 Daiki Ueno - 3.7.2-8- Fix issues in bundled libopts, spotted by covscan (#1938730)
* Tue Oct 12 2021 Daiki Ueno - 3.7.2-7- Enable Intel CET- Remove unnecessary CCASFLAGS setting for annocheck
* Thu Aug 19 2021 Daiki Ueno - 3.7.2-6- Reorder doc/invoke-
*.texi generation (#1975482)- Temporarily disable LTO for aarch64 and ppc64le
* Mon Aug 09 2021 Mohan Boddu - 3.7.2-5- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags Related: rhbz#1991688
* Mon Aug 02 2021 Daiki Ueno - 3.7.2-4- Disable GOST cryptography by default (#1945292)- Tighten timestamp adjustment when not bootstrapping (#1975482)- Re-enable LTO (#1986143)
  
ICM