Pedro Monreal Gonzalez
ea12736003
- Update to 3.8.5: * libgnutls: Due to majority of usages and implementations of RSA decryption with PKCS#1 v1.5 padding being incorrect, leaving them vulnerable to Marvin attack, the RSAES-PKCS1-v1_5 is being deprecated (encryption and decryption) and will be disabled in the future. A new option 'allow-rsa-pkcs1-encrypt' has been added into the system-wide library configuration which allows to enable/disable the RSAES-PKCS1-v1_5. Currently, the RSAES-PKCS1-v1_5 is enabled by default. * libgnutls: Added support for RIPEMD160 and PBES1-DES-SHA1 for backward compatibility with GCR. * libgnutls: A couple of memory related issues have been fixed in RSA PKCS#1 v1.5 decryption error handling and deterministic ECDSA with earlier versions of GMP. These were a regression introduced in the 3.8.4 release. See #1535 and !1827. * build: Fixed a bug where building gnutls statically failed due to a duplicate definition of nettle_rsa_compute_root_tr(). * API and ABI modifications: - GNUTLS_PKCS_PBES1_DES_SHA1: New enum member of gnutls_pkcs_encrypt_flags_t * Rebase patches: - gnutls-FIPS-TLS_KDF_selftest.patch - gnutls-FIPS-140-3-references.patch OBS-URL: https://build.opensuse.org/request/show/1165440 OBS-URL: https://build.opensuse.org/package/show/security:tls/gnutls?expand=0&rev=109 |
||
---|---|---|
.gitattributes | ||
.gitignore | ||
baselibs.conf | ||
gnutls-3.5.11-skip-trust-store-tests.patch | ||
gnutls-3.8.5.tar.xz | ||
gnutls-3.8.5.tar.xz.sig | ||
gnutls-disable-flaky-test-dtls-resume.patch | ||
gnutls-FIPS-140-3-references.patch | ||
gnutls-FIPS-HMAC-nettle-hogweed-gmp.patch | ||
gnutls-FIPS-jitterentropy-deinit-threads.patch | ||
gnutls-FIPS-jitterentropy.patch | ||
gnutls-FIPS-TLS_KDF_selftest.patch | ||
gnutls-srp-test-SIGPIPE.patch | ||
gnutls.changes | ||
gnutls.keyring | ||
gnutls.rpmlintrc | ||
gnutls.spec |