From 6de6fba88d9d4eed7cc3fa2c20cfe7236e50a41bebf84ef933950109f7924370 Mon Sep 17 00:00:00 2001 From: Peter Simons Date: Tue, 15 May 2018 18:24:52 +0000 Subject: [PATCH] osc copypac from project:devel:languages:haskell:ghc-8.4.x package:ghc-tls revision:3, using keep-link OBS-URL: https://build.opensuse.org/package/show/devel:languages:haskell/ghc-tls?expand=0&rev=42 --- ghc-tls.changes | 39 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 39 insertions(+) diff --git a/ghc-tls.changes b/ghc-tls.changes index 2fc3b6d..f7b0c8c 100644 --- a/ghc-tls.changes +++ b/ghc-tls.changes @@ -1,3 +1,42 @@ +------------------------------------------------------------------- +Mon May 14 17:02:11 UTC 2018 - psimons@suse.com + +- Update tls to version 1.4.1. + - Enable X25519 in default parameters [#265](https://github.com/vincenthz/hs-tls/pull/265) + - Checking EOF in bye [#262] (https://github.com/vincenthz/hs-tls/pull/262) + - Improving validation in DH key exchange [#256](https://github.com/vincenthz/hs-tls/pull/256) + - Handle TCP reset during handshake [#251](https://github.com/vincenthz/hs-tls/pull/251) + - Accepting hlint suggestions. + - Wrap renegotiation failures with HandshakeFailed [#237](https://github.com/vincenthz/hs-tls/pull/237) + - Improve selection of server certificate and use "signature_algorithms" extension [#236](https://github.com/vincenthz/hs-tls/pull/236) + - Change Bytes to ByteString and deprecate the Bytes type alias [#230](https://github.com/vincenthz/hs-tls/pull/230) + - Session compression and SNI [#223](https://github.com/vincenthz/hs-tls/pull/223) + - Deprecating ciphersuite_medium. Putting WARNING to ciphersuite_all since this includes RC4 [#153](https://github.com/vincenthz/hs-tls/pull/153) [#222](https://github.com/vincenthz/hs-tls/pull/222) + - Removing NPN [#214](https://github.com/vincenthz/hs-tls/pull/214) + - Supporting RSAPSS defined in TLS 1.3 [#207](https://github.com/vincenthz/hs-tls/pull/207) + - Supporting X25519 and X448 in the IES style. [#205](https://github.com/vincenthz/hs-tls/pull/205) + - Strip leading zeros in DHE premaster secret [#201](https://github.com/vincenthz/hs-tls/pull/201) + - RSASSA-PSS signatures can be enabled with `supportedHashSignatures`. This + uses assignments from TLS 1.3, for example `(HashIntrinsic, SignatureRSApssSHA256)`. + - Diffie-Hellman with elliptic curves X25519 and X448: This can be enabled with + `supportedGroups`, which also gives control over curve preference. + - ECDH with curve P-256 now uses optimized C implementation from package `cryptonite`. + + API CHANGES: + + - Cipher list `ciphersuite_medium` is now deprecated, users are advised to use + `ciphersuite_default` or `ciphersuite_strong`. List `ciphersuite_all` is kept + for compatibility with old servers but this is discouraged and generates a + warning (this includes RC4 ciphers, see [#153](https://github.com/vincenthz/hs-tls/pull/153) + for reference). + - Support for NPN (Next Protocol Negotiation) has been removed. The replacement + is ALPN (Application-Layer Protocol Negotiation). + - Data type `SessionData` now contains fields for compression algorithm and + client SNI. A `SessionManager` implementation that serializes/deserializes + `SessionData` values must deal with the new fields. + - Module `Network.TLS` exports a type alias named `Bytes` which is now deprecated. + The replacement is to use strict `ByteString` directly. + ------------------------------------------------------------------- Thu Aug 3 15:38:38 UTC 2017 - psimons@suse.com