Accepting request 387555 from Base:System

- Updated to 3.4.11
  * Version 3.4.11 (released 2016-04-11)
  ** libgnutls: Fixes in gnutls_record_get/set_state() with DTLS. 
     Reported by Fridolin Pokorny.
  ** libgnutls: Fixes in DSA key generation under PKCS #11. Report and
     patches by Jan Vcelak.
  ** libgnutls: Corrected behavior of ALPN extension parsing during
     session resumption. Report and patches by Yuriy M. Kaminskiy.
  ** libgnutls: Corrected regression (since 3.4.0) in 
     gnutls_server_name_set() which caused it not to accept non-null-
     terminated hostnames. Reported by Tim Ruehsen.
  ** libgnutls: Corrected printing of the IP Adress name constraints.
  ** ocsptool: use HTTP/1.0 for requests. This avoids issue with servers
     serving chunk encoding which ocsptool doesn't support. Reported by
     Thomas Klute.
  ** certtool: do not require a CA for OCSP signing tag. This follows the
     recommendations in RFC6960 in 4.2.2.2 which allow a CA to delegate
     OCSP signing to another certificate without requiring it to be a CA.
     Reported by Thomas Klute.
  * Version 3.4.10 (released 2016-03-03)
  ** libgnutls: Eliminated issues preventing buffers more than 2^32 bytes
     to be used with hashing functions.
  ** libgnutls: Corrected leaks and other issues in
     gnutls_x509_crt_list_import().
  ** libgnutls: Fixes in DSA key handling for PKCS #11. Report and 
     patches by Jan Vcelak.
  ** libgnutls: Several fixes to prevent relying on undefined behavior
     of C (found with libubsan).
  * Version 3.4.9 (released 2016-02-03)
  ** libgnutls: Corrected ALPN protocol negotiation. Before GnuTLS would

OBS-URL: https://build.opensuse.org/request/show/387555
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/gnutls?expand=0&rev=90

gnutls-3.4.11.tar.xz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:70ef9c9f95822d363036c6e6b5479750e5b7fc34f50e750c3464a98ec65a9ab8
+size 6652224

gnutls-3.4.8.tar.xz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:e07c05dea525c6bf0dd8017fc5b89d886954f04fedf457ecd1ce488ac3b86ab7
-size 6631528

gnutls.changes

@@ -1,3 +1,45 @@
+-------------------------------------------------------------------
+Mon Apr 11 09:18:26 UTC 2016 - meissner@suse.com
+
+- Updated to 3.4.11
+  * Version 3.4.11 (released 2016-04-11)
+  ** libgnutls: Fixes in gnutls_record_get/set_state() with DTLS. 
+     Reported by Fridolin Pokorny.
+  ** libgnutls: Fixes in DSA key generation under PKCS #11. Report and
+     patches by Jan Vcelak.
+  ** libgnutls: Corrected behavior of ALPN extension parsing during
+     session resumption. Report and patches by Yuriy M. Kaminskiy.
+  ** libgnutls: Corrected regression (since 3.4.0) in 
+     gnutls_server_name_set() which caused it not to accept non-null-
+     terminated hostnames. Reported by Tim Ruehsen.
+  ** libgnutls: Corrected printing of the IP Adress name constraints.
+  ** ocsptool: use HTTP/1.0 for requests. This avoids issue with servers
+     serving chunk encoding which ocsptool doesn't support. Reported by
+     Thomas Klute.
+  ** certtool: do not require a CA for OCSP signing tag. This follows the
+     recommendations in RFC6960 in 4.2.2.2 which allow a CA to delegate
+     OCSP signing to another certificate without requiring it to be a CA.
+     Reported by Thomas Klute.
+
+  * Version 3.4.10 (released 2016-03-03)
+  ** libgnutls: Eliminated issues preventing buffers more than 2^32 bytes
+     to be used with hashing functions.
+  ** libgnutls: Corrected leaks and other issues in
+     gnutls_x509_crt_list_import().
+  ** libgnutls: Fixes in DSA key handling for PKCS #11. Report and 
+     patches by Jan Vcelak.
+  ** libgnutls: Several fixes to prevent relying on undefined behavior
+     of C (found with libubsan).
+
+  * Version 3.4.9 (released 2016-02-03)
+  ** libgnutls: Corrected ALPN protocol negotiation. Before GnuTLS would
+     negotiate the last commonly supported protocol, rather than the 
+     first. Reported by Remi Denis-Courmont (#63).
+  ** libgnutls: Tolerate empty DN fields in informational output 
+     functions.
+  ** libgnutls: Corrected regression causes by incorrect fix in
+     gnutls_x509_ext_export_key_usage() at 3.4.8 release.
+
 -------------------------------------------------------------------
 Thu Feb 18 16:00:30 UTC 2016 - mrueckert@suse.de
 

gnutls.spec

@@ -29,7 +29,7 @@
 %bcond_with tpm
 
 Name:           gnutls
-Version:        3.4.8
+Version:        3.4.11
 Release:        0
 Summary:        The GNU Transport Layer Security Library
 License:        LGPL-2.1+ and GPL-3.0+