factory #1
No Assignees
Notifications
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: pool/gnutls#1
Reference in New Issue
Block a user
Delete Branch "factory"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
* Merge gnutls-FIPS-jitterentropy-deinit-threads.patch into the main jitterentropy patch gnutls-FIPS-jitterentropy.patch * Merge the soname gnutls-fips-sonames-check.patch and V3 gnutls-FIPS-HMAC-x86_64-v3-opt.patch patches together into gnutls-FIPS-HMAC-nettle-hogweed-gmp.patch * Remove gnutls-set-cligen-python-interp.patch with a sed command. - Enable back the failing tests that have been fixed upstream: * Remove patches: - gnutls-disable-flaky-test-dtls-resume.patch - gnutls-srp-test-SIGPIPE.patch - gnutls-skip-pqx-test.patch - gnutls-3.8.10-disable-ktls_test.patch - Update to 3.8.11: * libgnutls: Fix stack overwrite in gnutls_pkcs11_token_init Reported by Luigino Camastra from Aisle Research. [GNUTLS-SA-2025-11-18, CVSS: low] [bsc#1254132, CVE-2025-9820] * libgnutls: MAC algorithms for PSK binders is now configurable The previous implementation assumed HMAC-SHA256 to calculate the PSK binders. With the new gnutls_psk_allocate_client_credentials2() and gnutls_psk_allocate_server_credentials2() functions, the application can use other MAC algorithms such as HMAC-SHA384. * libgnutls: Expose a new function to provide the maximum record send size A new function gnutls_record_get_max_send_size() has been added to determine the maximum size of a TLS record to be sent to the peer. * libgnutls: Expose a new function to update keys without sending a KeyUpdate to the peer. A new function gnutls_handshake_update_receiving_key() has been added to allow updating the local receiving key without OBS-URL: https://build.opensuse.org/package/show/security:tls/gnutls?expand=0&rev=133Pull request closed