SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG
DONATE


YUM REPOSITORY

 
 
Changelog for gnutls-3.3.29-8.el7.x86_64.rpm :
Fri Jul 20 14:00:00 2018 Anderson Sasaki 3.3.29-8
- Backported --sni-hostname option which allows overriding the hostname
advertised to the peer (#1444792)
- Improved counter-measures in TLS CBC record padding for lucky13 attack
(CVE-2018-10844, #1589704, CVE-2018-10845, #1589707)
- Added counter-measures for \"Just in Time\" PRIME + PROBE cache-based attack
(CVE-2018-10846, #1589708)
- Address p11tool issue in object deletion in batch mode (#1375307)
- Backport PKCS#11 tests from master branch. Some tests were disabled due to
unsupported features in 3.3.x (--load-pubkey and --test-sign options, ECC key
generation without login, and certificates do not inherit ID from the private
key)
- p11tool explicitly marks certificates and public keys as NOT private objects
and private keys as private objects
- Enlarge buffer size to support resumption with large keys (#1542461)
- Legacy HMAC-SHA384 cipher suites were disabled by default
- Added DSA key generation to p11tool (#1464896)
- Address session renegotiation issue using client certificate (#1434091)
- Address issue when importing private keys into Atos HSM (#1460125)

Fri May 26 14:00:00 2017 Nikos Mavrogiannopoulos 3.3.26-9
- Address crash in OCSP status request extension, by eliminating the
unneeded parsing (CVE-2017-7507, #1455828)

Wed Apr 26 14:00:00 2017 Nikos Mavrogiannopoulos 3.3.26-7
- Address interoperability issue with 3.5.x (#1388932)
- Reject CAs which are both trusted and blacklisted in trust module (#1375303)
- Added new functions to set issuer and subject ID in certificates (#1378373)
- Reject connections with less than 1024-bit DH parameters (#1335931)
- Fix issue that made GnuTLS parse only the first 32 extensions (#1383748)
- Mention limitations of certtool in manpage (#1375463)
- Read PKCS#8 files with HMAC-SHA256 -as generated by openssl 1.1 (#1380642)
- Do not link directly to trousers but instead use dlopen (#1379739)
- Fix incorrect OCSP validation (#1377569)
- Added support for pin-value in PKCS#11 URIs (#1379283)
- Added the --id option to p11tool (#1399232)
- Improved sanity checks in RSA key generation (#1444780)
- Addressed CVE-2017-5334, CVE-2017-5335, CVE-2017-5336, CVE-2017-5337,
CVE-2017-7869

Tue Jul 12 14:00:00 2016 Nikos Mavrogiannopoulos 3.3.24-1
- Addressed issue with DSA public keys smaller than 2^1024 (#1238279)
- Addressed two-byte buffer overflow in the DTLS-0.9 protocol (#1209365)
- When writing certificates to smart cards write the CKA_ISSUER and
CKA_SERIAL_NUMBER fields to allow NSS reading them (#1272179)
- Use the shared system certificate store (#1110750)
- Address MD5 transcript collision attacks in TLS key exchange (#1289888,
CVE-2015-7575)
- Allow hashing data over 2^32 bytes (#1306953)
- Ensure written PKCS#11 public keys are not marked as private (#1339453)
- Ensure secure_getenv() is called on all uses of environment variables
(#1344591).
- Fix issues related to PKCS #11 private key listing on certain HSMs
(#1351389)

Fri Jun 5 14:00:00 2015 Nikos Mavrogiannopoulos 3.3.8-13
- Corrected reseed and respect of max_number_of_bits_per_request in
FIPS140-2 mode. Also enhanced the initial tests. (#1228199)

Mon Jan 5 13:00:00 2015 Nikos Mavrogiannopoulos 3.3.8-12
- corrected fix of handshake buffer resets (#1153106)

Thu Dec 11 13:00:00 2014 Nikos Mavrogiannopoulos 3.3.8-11
- Applied fix for urandom FD in FIPS140 mode (#1165047)
- Applied fix for FIPS140-2 related regression (#1110696)

Tue Dec 2 13:00:00 2014 Nikos Mavrogiannopoulos 3.3.8-10
- Amended fix for urandom FD to avoid regression in FIPS140 mode (#1165047)

Tue Nov 18 13:00:00 2014 Nikos Mavrogiannopoulos 3.3.8-9
- Amended fix for FIPS enforcement issue (#1163848)
- Fixed issue with applications that close all file descriptors (#1165047)

Thu Nov 13 13:00:00 2014 Nikos Mavrogiannopoulos 3.3.8-8
- Applied fix for FIPS enforcement issue when only /etc/system-fips
existed (#1163848)

Fri Nov 7 13:00:00 2014 Nikos Mavrogiannopoulos 3.3.8-7
- Applied fix for CVE-2014-8564 (#1161473)

Wed Oct 29 13:00:00 2014 Nikos Mavrogiannopoulos 3.3.8-6
- when generating test DH keys, enforce the q_bits.

Tue Oct 21 14:00:00 2014 Nikos Mavrogiannopoulos 3.3.8-5
- do not enforce FIPS140-2 policies in non-FIPS140 mode (#1154774)

Thu Oct 16 14:00:00 2014 Nikos Mavrogiannopoulos 3.3.8-4
- reverted change to use the p11-kit certificate storage (#1110750)
- added functions to test DH/ECDH in FIPS-140-2 mode and fixed
RSA key generation (#1110696)
- added manual dependencies on libtasn1 3.8 as well as p11-kit 0.20.7
- fixed SHA224 in SSSE3 optimized code
- fixed issue with handshake buffer resets (#1153106)
- fixed issue in RSA key generation with specific seeds in FIPS140-2 mode

Wed Oct 1 14:00:00 2014 Nikos Mavrogiannopoulos 3.3.8-3
- added dependency on libtasn1 3.8 (#1110696)

Thu Sep 18 14:00:00 2014 Nikos Mavrogiannopoulos 3.3.8-2
- disabled padlock CPU support in FIPS140-2 mode

Thu Sep 18 14:00:00 2014 Nikos Mavrogiannopoulos 3.3.8-1
- updated to latest stable release

Fri Sep 5 14:00:00 2014 Nikos Mavrogiannopoulos 3.3.8-1.b2
- updated with latest bug fixes for 3.3.x branch
- delete bundled files

Thu Sep 4 14:00:00 2014 Nikos Mavrogiannopoulos 3.3.8b1-1
- updated with latest bug fixes for 3.3.x branch

Fri Aug 22 14:00:00 2014 Nikos Mavrogiannopoulos 3.3.7-1
- new upstream release (#1110696)
- allow DSA/DH key generation with 1024 when not in FIPS140-2 mode (#1132705)

Fri Aug 15 14:00:00 2014 Nikos Mavrogiannopoulos 3.3.7b1-1
- updated with latest bug fixes for 3.3.x branch
- utilize the p11-kit trust store (#1110750)

Tue Jul 29 14:00:00 2014 Nikos Mavrogiannopoulos 3.3.6-2
- correct path of fipscheck links

Wed Jul 23 14:00:00 2014 Nikos Mavrogiannopoulos 3.3.6-1
- rebased to 3.3.6 and enabled fips mode (#1110696)

Wed May 28 14:00:00 2014 Nikos Mavrogiannopoulos - 3.1.18-9
- fix session ID length check (#1102027)
- fixes null pointer dereference (#1101727)

Tue Feb 25 13:00:00 2014 Nikos Mavrogiannopoulos - 3.1.18-8
- fixes CVE-2014-0092 (#1071815)

Fri Feb 14 13:00:00 2014 Nikos Mavrogiannopoulos - 3.1.18-7
- fixes CVE-2014-1959

Fri Jan 24 13:00:00 2014 Daniel Mach - 3.1.18-6
- Mass rebuild 2014-01-24

Tue Jan 14 13:00:00 2014 Nikos Mavrogiannopoulos 3.1.18-5
- Fixed issue with gnutls.info not being available (#1053487)

Tue Jan 14 13:00:00 2014 Tomáš Mráz 3.1.18-4
- build the crywrap tool

Thu Jan 2 13:00:00 2014 Nikos Mavrogiannopoulos - 3.1.18-3
- fixes crash in gnutls_global_deinit (#1047037)

Fri Dec 27 13:00:00 2013 Daniel Mach - 3.1.18-2
- Mass rebuild 2013-12-27

Mon Dec 23 13:00:00 2013 Nikos Mavrogiannopoulos 3.1.18-1
- new upstream release (#1040886)
- Use the correct root key for unbound

Tue Nov 5 13:00:00 2013 Tomáš Mráz 3.1.16-1
- new upstream release
- fixes CVE-2013-4466 off-by-one in dane_query_tlsa()

Tue Oct 29 13:00:00 2013 Tomáš Mráz 3.1.15-1
- new upstream release
- fixes CVE-2013-4466 buffer overflow in handling DANE entries

Mon Jul 15 14:00:00 2013 Tomáš Mráz 3.1.13-1
- new upstream release

Thu May 23 14:00:00 2013 Tomáš Mráz 3.1.11-1
- new upstream release
- enable ECC NIST Suite B curves

Mon Mar 25 13:00:00 2013 Tomas Mraz 3.1.10-1
- new upstream release
- license of the library is back to LGPLv2.1+

Fri Mar 15 13:00:00 2013 Tomas Mraz 3.1.9-1
- new upstream release

Thu Mar 7 13:00:00 2013 Tomas Mraz 3.1.8-3
- drop the temporary old library

Tue Feb 26 13:00:00 2013 Tomas Mraz 3.1.8-2
- don\'t send ECC algos as supported (#913797)

Thu Feb 21 13:00:00 2013 Tomas Mraz 3.1.8-1
- new upstream version

Wed Feb 6 13:00:00 2013 Tomas Mraz 3.1.7-1
- new upstream version, requires rebuild of dependencies
- this release temporarily includes old compatibility .so

Tue Feb 5 13:00:00 2013 Tomas Mraz 2.12.22-2
- rebuilt with new libtasn1
- make guile bindings optional - breaks i686 build and there is
no dependent package

Tue Jan 8 13:00:00 2013 Tomas Mraz 2.12.22-1
- new upstream version

Wed Nov 28 13:00:00 2012 Tomas Mraz 2.12.21-2
- use RSA bit sizes supported by libgcrypt in FIPS mode for security
levels (#879643)

Fri Nov 9 13:00:00 2012 Tomas Mraz 2.12.21-1
- new upstream version

Thu Nov 1 13:00:00 2012 Tomas Mraz 2.12.20-4
- negotiate only FIPS approved algorithms in the FIPS mode (#871826)

Wed Aug 8 14:00:00 2012 Tomas Mraz 2.12.20-3
- fix the gnutls-cli-debug manpage - patch by Peter Schiffer

Thu Jul 19 14:00:00 2012 Fedora Release Engineering - 2.12.20-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild

Mon Jun 18 14:00:00 2012 Tomas Mraz 2.12.20-1
- new upstream version

Fri May 18 14:00:00 2012 Tomas Mraz 2.12.19-1
- new upstream version

Thu Mar 29 14:00:00 2012 Tomas Mraz 2.12.18-1
- new upstream version

Thu Mar 8 13:00:00 2012 Tomas Mraz 2.12.17-1
- new upstream version
- fix leaks in key generation (#796302)

Fri Feb 3 13:00:00 2012 Kevin Fenzi - 2.12.14-3
- Disable largefile on arm arch. (#787287)

Fri Jan 13 13:00:00 2012 Fedora Release Engineering - 2.12.14-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild

Tue Nov 8 13:00:00 2011 Tomas Mraz 2.12.14-1
- new upstream version

Mon Oct 24 14:00:00 2011 Tomas Mraz 2.12.12-1
- new upstream version

Thu Sep 29 14:00:00 2011 Tomas Mraz 2.12.11-1
- new upstream version

Fri Aug 26 14:00:00 2011 Tomas Mraz 2.12.9-1
- new upstream version

Tue Aug 16 14:00:00 2011 Tomas Mraz 2.12.8-1
- new upstream version

Mon Jul 25 14:00:00 2011 Tomas Mraz 2.12.7-2
- fix problem when using new libgcrypt
- split libgnutlsxx to a subpackage (#455146)
- drop libgnutls-openssl (#460310)

Tue Jun 21 14:00:00 2011 Tomas Mraz 2.12.7-1
- new upstream version

Mon May 9 14:00:00 2011 Tomas Mraz 2.12.4-1
- new upstream version

Tue Apr 26 14:00:00 2011 Tomas Mraz 2.12.3-1
- new upstream version

Mon Apr 18 14:00:00 2011 Tomas Mraz 2.12.2-1
- new upstream version

Thu Mar 3 13:00:00 2011 Tomas Mraz 2.10.5-1
- new upstream version

Tue Feb 8 13:00:00 2011 Fedora Release Engineering - 2.10.4-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild

Wed Dec 8 13:00:00 2010 Tomas Mraz 2.10.4-1
- new upstream version

Thu Dec 2 13:00:00 2010 Tomas Mraz 2.10.3-2
- fix buffer overflow in gnutls-serv (#659259)

Fri Nov 19 13:00:00 2010 Tomas Mraz 2.10.3-1
- new upstream version

Thu Sep 30 14:00:00 2010 Tomas Mraz 2.10.2-1
- new upstream version

Wed Sep 29 14:00:00 2010 jkeating - 2.10.1-4
- Rebuilt for gcc bug 634757

Thu Sep 23 14:00:00 2010 Tomas Mraz 2.10.1-3
- more patching for internal errors regression (#629858)
patch by Vivek Dasmohapatra

Tue Sep 21 14:00:00 2010 Tomas Mraz 2.10.1-2
- backported patch from upstream git hopefully fixing internal errors
(#629858)

Wed Aug 4 14:00:00 2010 Tomas Mraz 2.10.1-1
- new upstream version

Wed Jun 2 14:00:00 2010 Tomas Mraz 2.8.6-2
- add support for safe renegotiation CVE-2009-3555 (#533125)

Wed May 12 14:00:00 2010 Tomas Mraz 2.8.6-1
- upgrade to a new upstream version

Mon Feb 15 13:00:00 2010 Rex Dieter 2.8.5-4
- FTBFS gnutls-2.8.5-3.fc13: ImplicitDSOLinking (#564624)

Thu Jan 28 13:00:00 2010 Tomas Mraz 2.8.5-3
- drop superfluous rpath from binaries
- do not call autoreconf during build
- specify the license on utils subpackage

Mon Jan 18 13:00:00 2010 Tomas Mraz 2.8.5-2
- do not create static libraries (#556052)

Mon Nov 2 13:00:00 2009 Tomas Mraz 2.8.5-1
- upgrade to a new upstream version

Wed Sep 23 14:00:00 2009 Tomas Mraz 2.8.4-1
- upgrade to a new upstream version

Fri Aug 14 14:00:00 2009 Tomas Mraz 2.8.3-1
- upgrade to a new upstream version

Fri Jul 24 14:00:00 2009 Fedora Release Engineering - 2.8.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild

Wed Jun 10 14:00:00 2009 Tomas Mraz 2.8.1-1
- upgrade to a new upstream version

Wed Jun 3 14:00:00 2009 Tomas Mraz 2.8.0-1
- upgrade to a new upstream version

Mon May 4 14:00:00 2009 Tomas Mraz 2.6.6-1
- upgrade to a new upstream version - security fixes

Tue Apr 14 14:00:00 2009 Tomas Mraz 2.6.5-1
- upgrade to a new upstream version, minor bugfixes only

Fri Mar 6 13:00:00 2009 Tomas Mraz 2.6.4-1
- upgrade to a new upstream version

Tue Feb 24 13:00:00 2009 Fedora Release Engineering - 2.6.3-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild

Mon Dec 15 13:00:00 2008 Tomas Mraz 2.6.3-1
- upgrade to a new upstream version

Thu Dec 4 13:00:00 2008 Tomas Mraz 2.6.2-1
- upgrade to a new upstream version

Tue Nov 11 13:00:00 2008 Tomas Mraz 2.4.2-3
- fix chain verification issue CVE-2008-4989 (#470079)

Thu Sep 25 14:00:00 2008 Tomas Mraz 2.4.2-2
- add guile subpackage (#463735)
- force new libtool through autoreconf to drop unnecessary rpaths

Tue Sep 23 14:00:00 2008 Tomas Mraz 2.4.2-1
- new upstream version

Tue Jul 1 14:00:00 2008 Tomas Mraz 2.4.1-1
- new upstream version
- correct the license tag
- explicit --with-included-opencdk not needed
- use external lzo library, internal not included anymore

Tue Jun 24 14:00:00 2008 Tomas Mraz 2.4.0-1
- upgrade to latest upstream

Tue May 20 14:00:00 2008 Tomas Mraz 2.0.4-3
- fix three security issues in gnutls handshake - GNUTLS-SA-2008-1
(#447461, #447462, #447463)

Mon Feb 4 13:00:00 2008 Joe Orton 2.0.4-2
- use system libtasn1

Tue Dec 4 13:00:00 2007 Tomas Mraz 2.0.4-1
- upgrade to latest upstream

Tue Aug 21 14:00:00 2007 Tomas Mraz 1.6.3-2
- license tag fix

Wed Jun 6 14:00:00 2007 Tomas Mraz 1.6.3-1
- upgrade to latest upstream (#232445)

Tue Apr 10 14:00:00 2007 Tomas Mraz 1.4.5-2
- properly require install-info (patch by Ville Skyttä)
- standard buildroot and use dist tag
- add COPYING and README to doc

Wed Feb 7 13:00:00 2007 Tomas Mraz 1.4.5-1
- new upstream version
- drop libtermcap-devel from buildrequires

Thu Sep 14 14:00:00 2006 Tomas Mraz 1.4.1-2
- detect forged signatures - CVE-2006-4790 (#206411), patch
from upstream

Tue Jul 18 14:00:00 2006 Tomas Mraz - 1.4.1-1
- upgrade to new upstream version, only minor changes

Wed Jul 12 14:00:00 2006 Jesse Keating - 1.4.0-1.1
- rebuild

Wed Jun 14 14:00:00 2006 Tomas Mraz - 1.4.0-1
- upgrade to new upstream version (#192070), rebuild
of dependent packages required

Tue May 16 14:00:00 2006 Tomas Mraz - 1.2.10-2
- added missing buildrequires

Mon Feb 13 13:00:00 2006 Tomas Mraz - 1.2.10-1
- updated to new version (fixes CVE-2006-0645)

Fri Feb 10 13:00:00 2006 Jesse Keating - 1.2.9-3.2
- bump again for double-long bug on ppc(64)

Tue Feb 7 13:00:00 2006 Jesse Keating - 1.2.9-3.1
- rebuilt for new gcc4.1 snapshot and glibc changes

Tue Jan 3 13:00:00 2006 Jesse Keating 1.2.9-3
- rebuilt

Fri Dec 9 13:00:00 2005 Tomas Mraz 1.2.9-2
- replaced
*-config scripts with calls to pkg-config to
solve multilib conflicts

Wed Nov 23 13:00:00 2005 Tomas Mraz 1.2.9-1
- upgrade to newest upstream
- removed .la files (#172635)

Sun Aug 7 14:00:00 2005 Tomas Mraz 1.2.6-1
- upgrade to newest upstream (rebuild of dependencies necessary)

Mon Jul 4 14:00:00 2005 Tomas Mraz 1.0.25-2
- split the command line tools to utils subpackage

Sat Apr 30 14:00:00 2005 Tomas Mraz 1.0.25-1
- new upstream version fixes potential DOS attack

Sat Apr 23 14:00:00 2005 Tomas Mraz 1.0.24-2
- readd the version script dropped by upstream

Fri Apr 22 14:00:00 2005 Tomas Mraz 1.0.24-1
- update to the latest upstream version on the 1.0 branch

Wed Mar 2 13:00:00 2005 Warren Togami 1.0.20-6
- gcc4 rebuild

Tue Jan 4 13:00:00 2005 Ivana Varekova 1.0.20-5
- add gnutls Requires zlib-devel (#144069)

Mon Nov 8 13:00:00 2004 Colin Walters 1.0.20-4
- Make gnutls-devel Require libgcrypt-devel

Tue Sep 21 14:00:00 2004 Jeff Johnson 1.0.20-3
- rebuild with release++, otherwise unchanged.

Tue Sep 7 14:00:00 2004 Jeff Johnson 1.0.20-2
- patent tainted SRP code removed.

Sun Sep 5 14:00:00 2004 Jeff Johnson 1.0.20-1
- update to 1.0.20.
- add --with-included-opencdk --with-included-libtasn1
- add --with-included-libcfg --with-included-lzo
- add --disable-srp-authentication.
- do \"make check\" after build.

Fri Mar 21 13:00:00 2003 Jeff Johnson 0.9.2-1
- upgrade to 0.9.2

Tue Jun 25 14:00:00 2002 Jeff Johnson 0.4.4-1
- update to 0.4.4.

Fri Jun 21 14:00:00 2002 Tim Powers
- automated rebuild

Sat May 25 14:00:00 2002 Jeff Johnson 0.4.3-1
- update to 0.4.3.

Tue May 21 14:00:00 2002 Jeff Johnson 0.4.2-1
- update to 0.4.2.
- change license to LGPL.
- include splint annotations patch.

Tue Apr 2 14:00:00 2002 Nalin Dahyabhai 0.4.0-1
- update to 0.4.0

Thu Jan 17 13:00:00 2002 Nalin Dahyabhai 0.3.2-1
- update to 0.3.2

Thu Jan 10 13:00:00 2002 Nalin Dahyabhai 0.3.0-1
- add a URL

Thu Dec 20 13:00:00 2001 Nalin Dahyabhai
- initial package