SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG
DONATE


YUM REPOSITORY

 
 
Changelog for libgnutls26-2.10.3-9.1.x86_64.rpm :
Sat Apr 24 14:00:00 2010 cooloAATTnovell.com
- buildrequire pkg-config to fix provides

Thu Apr 15 14:00:00 2010 meissnerAATTsuse.de
- updated to stable 2.8.6

*
* libgnutls: For CSRs, don\'t null pad integers for RSA/DSA value.
VeriSign rejected CSRs with this padding.
Note: As a side effect of this change, the \"public key identifier\"
value computed for a certificate using this version of GnuTLS will be
different from values computed using earlier versions of GnuTLS.

*
* libgnutls: For CSRs on DSA keys, don\'t add DSA parameters to the
optional SignatureAlgorithm parameter field.
VeriSign rejected these CSRs. They are stricly speaking not needed
since you need the signer\'s certificate to verify the certificate
signature anyway.

*
* libgnutls: When checking openpgp self signature also check the signatures
of all subkeys.
Ilari Liusvaara noticed and reported the issue and provided test
vectors as well.

*
* libgnutls: Cleanups and several bug fixes.
Found by Steve Grubb and Tomas Mraz.

*
* Link libgcrypt explicitly to certtool, gnutls-cli, gnutls-serv.

*
* Fix --disable-valgrind-tests.

*
* examples: Use the new APIs for printing X.509 certificate information.

*
* i18n: Updated Czech, Dutch, French, Polish, Swedish and Vietnamese
translations. Added Simplified Chinese translation.

Tue Apr 6 14:00:00 2010 crrodriguezAATTopensuse.org
- use system libtasn1 instead of the bundled copy

Thu Feb 4 13:00:00 2010 meissnerAATTsuse.de
- some build fixes.

Thu Feb 4 13:00:00 2010 perAATTosbeck.com
- updated to stable 2.8.5

Fri Dec 25 13:00:00 2009 jengelhAATTmedozas.de
- add baselibs.conf as a source
- enable parallel building

Wed Sep 2 14:00:00 2009 gjheAATTnovell.com
- update to lastest stable version 2.8.3
[bnc#532750]

Fri Mar 13 13:00:00 2009 jshiAATTsuse.de
- fix security bug [bnc#457938]
new CVE-2008-4989

Wed Dec 10 13:00:00 2008 olhAATTsuse.de
- use Obsoletes: -XXbit only for ppc64 to help solver during distupgrade
(bnc#437293)

Fri Nov 28 13:00:00 2008 jshiAATTsuse.de
- fix security bug [bnc#441856]
CVE-2008-4989

Thu Oct 30 13:00:00 2008 olhAATTsuse.de
- obsolete old -XXbit packages (bnc#437293)

Sat Aug 2 14:00:00 2008 meissnerAATTsuse.de
- run testsuite

Thu Jul 17 14:00:00 2008 mkoenigAATTsuse.de
- update to version 2.4.1

* libgnutls: Fix local crash in gnutls_handshake

* libgnutls: Fix memory leaks when doing a re-handshake

* Fix compiler warnings

* Fix ordering of -I\'s to avoid opencdk.h conflict with
system headers

* srptool: Fix a problem where --verify check does not succeed
- remove C++ wrapper lib, it is not usable without SRP
- remove patch
gnutls-1.6.1-srptool.patch

Wed Jul 2 14:00:00 2008 mkoenigAATTsuse.de
- remove gnutls main package from baselibs.conf

Thu Jun 26 14:00:00 2008 mkoenigAATTsuse.de
- update to version 2.4.0

* The OpenPGP sub-system has been improved and now supports subkeys

* The PSK sub-system has been improved and now supports password
derivation and PSK identity hints

* The certtool --inder and --outder has been replaced
by --inraw and --outraw

* New APIs to access the raw X.509 Subject and Issuer DN\'s and
elements from the certificate credentials structure

* New APIs to improve working with username/passwords and PSK

* Names of constants to affect certificate printing changed

* The function gnutls_openpgp_privkey_get_id has been renamed to
gnutls_openpgp_privkey_get_key_id

* API/ABI changes in GnuTLS 2.4
All OpenPGP related functions have been moved from
libgnutls-extra to libgnutls, and several new functions have
been added
- remove SRP functionality from C++ wrapper, otherwise it cannot
be linked against it
- removed patches
gnutls-2.2.2-uninitialized.patch
gnutls-char-signedness.patch
gnutls-GNUTLS_SA_2008_1.patch

Mon Jun 23 14:00:00 2008 mkoenigAATTsuse.de
- disable SRP [bnc#65192]

Wed May 21 14:00:00 2008 mkoenigAATTsuse.de
- fix three security bugs [bnc#392947]
CVE-2008-1948 GNUTLS-SA-2008-1-1
Fix crash when sending invalid server name
CVE-2008-1949 GNUTLS-SA-2008-1-2
Fix crash when sending repeated client hellos
CVE-2008-1950 GNUTLS-SA-2008-1-3
Fix crash in cipher padding decoding for invalid record lengths

Thu May 8 14:00:00 2008 mkoenigAATTsuse.de
- fix build

Tue Apr 29 14:00:00 2008 cthielAATTsuse.de
- obsolete gnutls- via baselibs.conf

Thu Apr 10 14:00:00 2008 roAATTsuse.de
- added baselibs.conf file to build xxbit packages
for multilib support

Thu Apr 3 14:00:00 2008 mkoenigAATTsuse.de
- update to version 2.2.2

* Cipher priority string handling now handle strings that
starts with NULL

* Corrected memory leaks in session resuming and DHE ciphersuites

* Increased the default certificate verification chain limits and
allowed for checks without limitation

* Corrected the behaviour of gnutls_x509_crt_get_subject_alt_name()
and gnutls_x509_crt_get_subject_alt_name() to not null terminate
binary strings and return the proper size

Thu Jan 31 13:00:00 2008 mkoenigAATTsuse.de
- update to version 2.2.1

* Fixes the post_client_hello_function()

* Fix for certificate selection in servers with certificate callbacks

* certtool: Fixed data corruption when using --outder

* TLS authorization support removed.

* Corrected bug which did not allow a server to run without
supporting certificates

* Introduced gnutls_session_enable_compatibility_mode()

* Added gnutls_record_disable_padding() to allow servers talking to
buggy clients

* Fixed PKCS #3 parameter export

* Added support for Camellia cipher

* certtool: Add option --quick-random

* Added capability to set a callback after the client hello is
received by the server in order to adjust parameters before
the handshake

* certtool: Fixed data corruption when using --outder

* SRP was corrected to adhere to the latest draft

* Updated the DN parser

* Added support for DSA2 using libgcrypt 1.3.0

* Removed all the trustdb code from openpgp authentication.
We now use only the well-specified keyrings

* The gnutls_certificate_set_openpgp_
* functions were modified
to include the format. This makes the interface consistent with
the x509 functions

* Introduced gnutls_session_enable_compatibility_mode()

* Added gnutls_set_default_priority2()

* Added priority functions that accept strings

* certtool: Add option --disable-quick-random to enable the
old behaviour of using /dev/random to generate keys

* Added the --v1 option to certtool, to allow generating X.509
version 1 certificates

* Fix PKCS#3 parameter export problem

* Fixed GNUTLS_E_UNKNOWN_ALGORITHM vs GNUTLS_E_UNKNOWN_HASH_ALGORITHM

* gnutls_certificate_set_x509_key_
* can now read PKCS #8 unencrypted
private keys

* Introduced the GNUTLS_E_BASE64_UNEXPECTED_HEADER_ERROR error code

* Added the --to-p8 option to certtool to convert private keys
to PKCS #8 keys

* Corrected bug in decompression of expanded compression data

* The gnutls_
*_convert_priority() functions were deprecated

* gnutls-cli and gnutls-serv now have a --priority option

* PKCS #8 parser can now encode/decode DSA keys

* Corrected a segfault when setting an empty gnutls_priority_t
at gnutls_priority_set()

* Added gnutls_x509_crt_get_subject_alt_name2()

* The GPL version has been changed from version 2 to version 3.
This affects the self-tests, command-line tools, the libgnutls-extra
library, the relevant guile parts, and the build environment
- API and ABI modifications, library soname switch from 13 to 26
- change package structure:

* branch off libgnutls-extra
since this is now GPLv3 or later while libgnutls remains
LGPLv2.1 or later

* gnutls license change to GPLv3
- build without lzo support to avoid license problems
since lzo is currently GPLv2 only
- removed merged patches:
gnutls-fix_size_t.patch

Tue Oct 23 14:00:00 2007 mkoenigAATTsuse.de
- update to version 2.0.1
- change package layout to conform shlib policy:
rename gnutls-devel -> libgnutls-devel
new subpackage libgnutls13
- removed patches:
gnutls-1.4.4-sign-callback.patch
gnutls-1.6.1-compiler_warnings.patch

Thu Aug 30 14:00:00 2007 mkoenigAATTsuse.de
- fix srptool [#208227]
- fix some compiler warnings

Fri Aug 3 14:00:00 2007 hvogelAATTsuse.de
- Some additions for evolution smart card support

Thu May 10 14:00:00 2007 mkoenigAATTsuse.de
- Fix segfault on s390x [#97441]
gnutls-fix_size_t.patch

Tue Jan 23 13:00:00 2007 mkoenigAATTsuse.de
- update to new stable branch 1.6.1:

* Fix the list of trusted CAs that server\'s send to clients.

* Fix gnutls_certificate_set_x509_crl to initialize the CRL
before using it.

* Encode UID fields in DN\'s as DirectoryString.

* Fix ./configure failure with non-GCC compilers.

* A GnuTLS C++ library is part of the official distribution.

* New APIs for custom push/pull function error reporting.

Tue Oct 24 14:00:00 2006 mkoenigAATTsuse.de
- move developer related docs to devel package and remove
binary stuff from docs [#212454]

Tue Sep 19 14:00:00 2006 mkoenigAATTsuse.de
- update to version 1.4.4:

* bugfix release

* fixes security vulnerability [#206636] (CVE-2006-4790)

Thu Aug 31 14:00:00 2006 mkoenigAATTsuse.de
- update to new stable branch 1.4.1:

* The command line tools now use getaddrinfo and support IPv6.

* gnutls-cli can now recognize services and port numbers with
the -p option.

* Error messages are now translated using GNU Gettext.

* GnuTLS now support TLS Inner application (TLS/IA).

* API and ABI modifications:
+ Support for DHE-PSK cipher suites has been added.
+ Removed the RIPEMD ciphersuites.
+ Remove GnuTLS 0.8.x compatibility functions.
+ Support for TLS Pre-Shared Key (TLS-PSK) ciphersuites have
been added.
+ Certtool now generate keys in unencrypted PKCS#8 format for
empty passwords.
+ Certtool now accept --password for --key-info and encrypted
PKCS#8 keys.
+ gnutls_x509_privkey_import_pkcs8 now accept unencrypted
PEM PKCS#8 keys,
+ New function to set a X.509 private key and certificate
pairs, and/or CRLs, from an PKCS#12 file.
+ New APIs to acceess the client and server random fields in
a session.
+ New APIs to access the TLS Pseudo-Random-Function (PRF).
+ New API to access the TLS master secret.
+ The function gnutls_x509_crt_to_xml now return an internal
error.

* Several bugfixes:
+ Corrected a bug in certtool for 64 bit machines.
+ Fix gnutls-cli STARTTLS hang when SIGINT is sent too quickly.
+ Fix crash in TLS resume code, caused by TLS/IA changes.
+ Corrected bugs in gnutls_certificate_set_x509_crl() and
gnutls_certificate_set_x509_trust().
+ Fixed bug in non-blocking gnutls_bye().
+ Fix read of out bounds bug in DER parser.
+ Fixed bug in OpenPGP authentication handshake.