gnutls/gnutls-3.8.3.tar.xz.sig at 91b174ffe35c68f9d45374d10a04db39dcffe25c01a3c5281786afcb4c9eb88c

SHA256

Pedro Monreal Gonzalez 6af759b42f Accepting request 1139454 from home:pmonrealgonzalez:branches:security:tls

- Update to 3.8.3:
  * libgnutls: Fix more timing side-channel inside RSA-PSK key
    exchange. [GNUTLS-SA-2024-01-14, CVSS: medium]
    [bsc#1218865, CVE-2024-0553]
  * libgnutls: Fix assertion failure when verifying a certificate
    chain with a cycle of cross signatures.
    [GNUTLS-SA-2024-01-09, CVSS: medium] [bsc#1218862, CVE-2024-0567]
  * libgnutls: Fix regression in handling Ed25519 keys stored in
    PKCS#11 token certtool was unable to handle Ed25519 keys
    generated on PKCS#11 with pkcs11-tool (OpenSC).
    This is a regression introduced in 3.8.2.
  * Rebase gnutls-FIPS-140-3-references.patch
  * Updated upstream gnutls.keyring

OBS-URL: https://build.opensuse.org/request/show/1139454
OBS-URL: https://build.opensuse.org/package/show/security:tls/gnutls?expand=0&rev=103

2024-01-17 12:54:44 +00:00

580 B

Raw History

View Raw

580 B Raw History

580 B

Raw History