Accepting request 449317 from Base:System
- Version 3.5.8 (released 2016-01-09)
* libgnutls: Ensure that multiple calls to the gnutls_set_priority_*
functions will not leave the verification profiles field to an
undefined state. The last call will take precedence.
* libgnutls: Ensure that GNUTLS_E_DECRYPTION_FAIL will be returned
by PKCS#8 decryption functions when an invalid key is provided. This
addresses regression on decrypting certain PKCS#8 keys.
* libgnutls: Introduced option to override the default priority string
used by the library. The intention is to allow support of system-wide
priority strings (as set with --with-system-priority-file). The
configure option is --with-default-priority-string.
* libgnutls: Require a valid IV size on all ciphers for PKCS#8 decryption.
This prevents crashes when decrypting malformed PKCS#8 keys.
* libgnutls: Fix crash on the loading of malformed private keys with certain
parameters set to zero.
* libgnutls: Fix double free in certificate information printing. If the PKIX
extension proxy was set with a policy language set but no policy specified,
that could lead to a double free.
* libgnutls: Addressed memory leaks in client and server side error paths
(issues found using oss-fuzz project)
* libgnutls: Addressed memory leaks in X.509 certificate printing error paths
(issues found using oss-fuzz project)
* libgnutls: Addressed memory leaks and an infinite loop in OpenPGP certificate
parsing. Fixes by Alex Gaynor. (issues found using oss-fuzz project)
* libgnutls: Addressed invalid memory accesses in OpenPGP certificate parsing.
(issues found using oss-fuzz project)
- security issues fixed: GNUTLS-SA-2017-1 GNUTLS-SA-2017-2
OBS-URL: https://build.opensuse.org/request/show/449317
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/gnutls?expand=0&rev=96
This commit is contained in:
Dominique Leuenberger
Git OBS Bridge
parent
9d4c48404b
commit
556f692995
@ -1,3 +0,0 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:60cbfc119e6268cfa38d712621daa473298a0c5b129c0842caec4c1ed4d7861a
|
||||
size 7265264
|
||||
Binary file not shown.
3
gnutls-3.5.8.tar.xz
Normal file
3
gnutls-3.5.8.tar.xz
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:0e97f243ae72b70307d684b84c7fe679385aa7a7a0e37e5be810193dcc17d4ff
|
||||
size 7264448
|
||||
BIN
gnutls-3.5.8.tar.xz.sig
Normal file
BIN
gnutls-3.5.8.tar.xz.sig
Normal file
Binary file not shown.
@ -1,4 +1,35 @@
|
||||
-------------------------------------------------------------------
|
||||
Mon Jan 9 10:07:19 UTC 2017 - meissner@suse.com
|
||||
|
||||
- Version 3.5.8 (released 2016-01-09)
|
||||
* libgnutls: Ensure that multiple calls to the gnutls_set_priority_*
|
||||
functions will not leave the verification profiles field to an
|
||||
undefined state. The last call will take precedence.
|
||||
* libgnutls: Ensure that GNUTLS_E_DECRYPTION_FAIL will be returned
|
||||
by PKCS#8 decryption functions when an invalid key is provided. This
|
||||
addresses regression on decrypting certain PKCS#8 keys.
|
||||
* libgnutls: Introduced option to override the default priority string
|
||||
used by the library. The intention is to allow support of system-wide
|
||||
priority strings (as set with --with-system-priority-file). The
|
||||
configure option is --with-default-priority-string.
|
||||
* libgnutls: Require a valid IV size on all ciphers for PKCS#8 decryption.
|
||||
This prevents crashes when decrypting malformed PKCS#8 keys.
|
||||
* libgnutls: Fix crash on the loading of malformed private keys with certain
|
||||
parameters set to zero.
|
||||
* libgnutls: Fix double free in certificate information printing. If the PKIX
|
||||
extension proxy was set with a policy language set but no policy specified,
|
||||
that could lead to a double free.
|
||||
* libgnutls: Addressed memory leaks in client and server side error paths
|
||||
(issues found using oss-fuzz project)
|
||||
* libgnutls: Addressed memory leaks in X.509 certificate printing error paths
|
||||
(issues found using oss-fuzz project)
|
||||
* libgnutls: Addressed memory leaks and an infinite loop in OpenPGP certificate
|
||||
parsing. Fixes by Alex Gaynor. (issues found using oss-fuzz project)
|
||||
* libgnutls: Addressed invalid memory accesses in OpenPGP certificate parsing.
|
||||
(issues found using oss-fuzz project)
|
||||
|
||||
- security issues fixed: GNUTLS-SA-2017-1 GNUTLS-SA-2017-2
|
||||
-------------------------------------------------------------------
|
||||
Sun Dec 18 16:28:51 UTC 2016 - astieger@suse.com
|
||||
|
||||
- GnuTLS 3.5.7, the next stable branch, with the following
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
#
|
||||
# spec file for package gnutls
|
||||
#
|
||||
# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
|
||||
# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
|
||||
#
|
||||
# All modifications and additions to the file contributed by third parties
|
||||
# remain the property of their copyright owners, unless otherwise agreed
|
||||
@ -29,7 +29,7 @@
|
||||
%define gnutls_dane_sover 0
|
||||
%endif
|
||||
Name: gnutls
|
||||
Version: 3.5.7
|
||||
Version: 3.5.8
|
||||
Release: 0
|
||||
Summary: The GNU Transport Layer Security Library
|
||||
License: LGPL-2.1+ and GPL-3.0+
|
||||
|
||||
Loading…
Reference in New Issue
Block a user