forked from pool/gnutls
b35c84d979
- Upgraded to 3.2.11
** libgnutls: Tolerate servers that send the SUPPORTED ECC extension.
** libgnutls: Reduced the TLS and DTLS version requirements for all
ciphersuites that are not GCM.
** libgnutls: When two initial keywords are specified then treat the
second as having the '+' modifier.
** libgnutls: When using a PKCS #11 module for verification ensure that
it has been marked a trusted policy module in p11-kit. Moreover, when an
empty (i.e., "pkcs11:") URL is specified, then try all trusted modules
in the system for verification.
http://p11-glue.freedesktop.org/doc/p11-kit/pkcs11-conf.html
** libgnutls: Fixed bug that prevented the rejection of v1 intermediate
CA certificates. Reported and investigated by Suman Jana.
CVE-2014-1959 / bnc#863989
** certtool: Added the --ask-pass option.
- gnutls-3.2.10-supported-ecc.patch: upstreamed
- gnutls-fix-missing-ipv6.patch: upstreamed
- Upgrade to 3.1.20 (released 2014-01-31)
** libgnutls: fixed null pointer derefence when printing a certificate
DN and an LDAP description isn't present.
** libgnutls: gnutls_db_check_entry_time will correctly report the time;
report and patch by Jonathan Roudiere.
- Upgrade to 3.2.9 (released 2014-01-24)
** libgnutls: The %DUMBFW option in priority string only
appends data to client hello if the expected size is in the
"black hole" range.
** libgnutls: %COMPAT implies %DUMBFW.
** libgnutls: gnutls_session_get_desc() returns a more compact
ciphersuite description.
OBS-URL: https://build.opensuse.org/request/show/222335
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/gnutls?expand=0&rev=69
287 B
287 B