rpm/gnutls
SHA256
1
0
Fork 0
forked from pool/gnutls
Code Pull Requests Activity

Accepting request 142850 from Base:System

Browse Source 
- include LGPL-3.0+ text in COPYING.LESSER
- run regression tests, but move "make check" to %check section
- add gnutls-3.0.26-skip-test-fwrite.patch to skip a failing test
- no longer manipulate doc/examples tree in %install section, the 
  deletion of Makefiles breaks "make check" in %check
- install documentation, reference and examples in %install section
  to fetch them for the package without unneccessary files (forwarded request 142825 from AndreasStieger)

OBS-URL: https://build.opensuse.org/request/show/142850
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/gnutls?expand=0&rev=53
This commit is contained in:
Stephan Kulow
2012-11-28 09:29:35 +00:00
committed by Git OBS Bridge
parent 5b1c69d57e
commit 830abeae2a
6 changed files with 133 additions and 50 deletions
Download Patch File Download Diff File Expand all files Collapse all files

71
gnutls.changes
View File

@@ -1,3 +1,74 @@
-------------------------------------------------------------------
Sun Nov 25 10:52:46 UTC 2012 - andreas.stieger@gmx.de
- include LGPL-3.0+ text in COPYING.LESSER
- run regression tests, but move "make check" to %check section
- add gnutls-3.0.26-skip-test-fwrite.patch to skip a failing test
- no longer manipulate doc/examples tree in %install section, the
deletion of Makefiles breaks "make check" in %check
- install documentation, reference and examples in %install section
to fetch them for the package without unneccessary files
-------------------------------------------------------------------
Fri Nov 16 23:30:09 UTC 2012 - andreas.stieger@gmx.de
- updated to GnuTLS 3.0.26:
- libgnutls: Always tolerate key usage violation errors from the
side of the peer, but also notify via an audit message.
- libgnutls: gnutls_x509_crl_verify() includes time checks.
- libgnutls: Increased maximum password length in the PKCS #12
functions.
- API and ABI modifications:
GNUTLS_CERT_REVOCATION_DATA_TOO_OLD: Added
GNUTLS_CERT_REVOCATION_DATA_ISSUED_IN_FUTURE: Added
- includes changes from 3.0.25:
- libgnutls: Fixed the receipt of session tickets during session
resumption.
- libgnutls: Added gnutls_ocsp_resp_check_crt() to check whether the
OCSP response corresponds to the given certificate.
- libgnutls: Several updates in the OpenPGP code. The generating code
is fully RFC6091 compliant and RFC5081 support is only supported in
client mode.
- API and ABI modifications:
gnutls_ocsp_resp_check_crt: Added
- includes changes form version 3.0.24:
- libgnutls: The %COMPAT keyword, if specified, will tolerate
key usage violation errors (they are far too common to ignore).
- libgnutls: Corrected bug in OpenPGP subpacket encoding.
- libgnutls: Added X.509 certificate verification flag
- GNUTLS_VERIFY_ALLOW_UNSORTED_CHAIN. This flag allows the verification
of unsorted certificate chains and is enabled by default for
TLS certificate verification (if gnutls_certificate_set_verify_flags()
does not override it).
- libgnutls: Correctly restore gnutls_record_recv() in DTLS mode
if interrupted during the retrasmition of handshake data.
- libgnutls: Added GNUTLS_STATELESS_COMPRESSION flag to gnutls_init(),
which provides a tool to counter compression-related attacks where
parts of the data are controlled by the attacker _and_ are placed in
separate records (use with care - do not use compression if not sure).
- libgnutls: Depends on libtasn1 2.14 or later.
- includes changes from version 3.0.23:
- gnutls-serv: Listens on IPv6
- libgnutls: Be tolerant in ECDSA signature violations (e.g. using
SHA256 with a SECP384 curve instead of SHA-384), to interoperate with
openssl.
- libgnutls: Fixed DSA and ECDSA signature generation in smart cards.
- includes changes from version 3.0.22
- libgnutls: When verifying a certificate chain make sure it is chain.
If the chain is wronly interrupted at some point then truncate it,
and only try to verify the correct part. Patch by David Woodhouse
- libgnutls: Restored the behavior of gnutls_x509_privkey_import_pkcs8()
which now may (again) accept a NULL password.
- certtool: Allow the user to choose the hash algorithm
when signing certificate request or certificate revocation list.
- Refresh gnutls-implement-trust-store-dir.diff, some parts are in
upstream sources
-------------------------------------------------------------------
Mon Jul 16 06:00:52 UTC 2012 - gjhe@suse.com