pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/trunk]: pkgsrc/security/gnutls Update to 1.4.4:

details:   https://anonhg.NetBSD.org/pkgsrc/rev/926c5b4b3762
branches:  trunk
changeset: 518714:926c5b4b3762
user:      wiz <wiz%pkgsrc.org@localhost>
date:      Sat Sep 16 06:21:22 2006 +0000

description:
Update to 1.4.4:

* Version 1.4.4 (released 2006-09-12)

** Relax the test that caught signatures that exploit the variant of
** Bleichenbacher's Crypto 06 rump session attack on our
** verification logic flaw.
In particular, we now permit the digestAlgorithm.parameters field to
be present but empty, whereas in 1.4.3 we actually checked that the
field was absent.

** Revert the removal of debug information for the GNUTLS-SA-2006-3 problem.
The messages are only printed in debug mode, which is not recommended
for normal use, and thus logging this situation cannot be abused as an
oracle in typical recommended situations.

** API and ABI modifications:
No changes since last version.

diffstat:

 security/gnutls/Makefile |  4 ++--
 security/gnutls/distinfo |  8 ++++----
 2 files changed, 6 insertions(+), 6 deletions(-)

diffs (26 lines):

diff -r 4a2eee257f75 -r 926c5b4b3762 security/gnutls/Makefile
--- a/security/gnutls/Makefile  Sat Sep 16 06:21:04 2006 +0000
+++ b/security/gnutls/Makefile  Sat Sep 16 06:21:22 2006 +0000
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.51 2006/09/10 21:12:21 wiz Exp $
+# $NetBSD: Makefile,v 1.52 2006/09/16 06:21:22 wiz Exp $
 
-DISTNAME=      gnutls-1.4.3
+DISTNAME=      gnutls-1.4.4
 CATEGORIES=    security devel
 MASTER_SITES=  http://josefsson.org/gnutls/releases/ \
                ftp://ftp.gnutls.org/pub/gnutls/ \
diff -r 4a2eee257f75 -r 926c5b4b3762 security/gnutls/distinfo
--- a/security/gnutls/distinfo  Sat Sep 16 06:21:04 2006 +0000
+++ b/security/gnutls/distinfo  Sat Sep 16 06:21:22 2006 +0000
@@ -1,6 +1,6 @@
-$NetBSD: distinfo,v 1.30 2006/09/10 21:12:21 wiz Exp $
+$NetBSD: distinfo,v 1.31 2006/09/16 06:21:22 wiz Exp $
 
-SHA1 (gnutls-1.4.3.tar.bz2) = c4182c3804235d6f3eb2f3e59bb560f22370d4fc
-RMD160 (gnutls-1.4.3.tar.bz2) = 3be97523303c5350dea1b74e50feeab71804f857
-Size (gnutls-1.4.3.tar.bz2) = 4047997 bytes
+SHA1 (gnutls-1.4.4.tar.bz2) = 8f6ee112c8d93dd726e8e3d0e3fbf234f085a2cd
+RMD160 (gnutls-1.4.4.tar.bz2) = a31dfe33934ddf2500ae0e6c67aa265cd5b9ede4
+Size (gnutls-1.4.4.tar.bz2) = 4048916 bytes
 SHA1 (patch-ab) = 503bf7fa154341504db7ba3b5c6602627ff27dc5
Home | Main Index | Thread Index | Old Index