pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: pkgsrc/security/gnutls
Module Name: pkgsrc
Committed By: leot
Date: Mon Sep 7 15:47:15 UTC 2020
Modified Files:
pkgsrc/security/gnutls: Makefile distinfo
Log Message:
gnutls: Update to 3.6.15
Changes:
3.6.15
------
** libgnutls: Fixed "no_renegotiation" alert handling at incorrect timing.
The server sending a "no_renegotiation" alert in an unexpected timing,
followed by an invalid second handshake was able to cause a TLS 1.3 client to
crash via a null-pointer dereference. The crash happens in the application's
error handling path, where the gnutls_deinit function is called after
detecting a handshake failure (#1071). [GNUTLS-SA-2020-09-04, CVSS: medium]
** libgnutls: If FIPS self-tests are failed, gnutls_fips140_mode_enabled() now
indicates that with a false return value (!1306).
** libgnutls: Under FIPS mode, the generated ECDH/DH public keys are checked
accordingly to SP800-56A rev 3 (!1295, !1299).
** libgnutls: gnutls_x509_crt_export2() now returns 0 upon success, rather than
the size of the internal base64 blob (#1025). The new behavior aligns to the
existing documentation.
** libgnutls: Certificate verification failue due to OCSP must-stapling is not
honered is now correctly marked with the GNUTLS_CERT_INVALID flag
(!1317). The new behavior aligns to the existing documentation.
** libgnutls: The audit log message for weak hashes is no longer printed twice
(!1301).
** libgnutls: Fixed version negotiation when TLS 1.3 is enabled and TLS 1.2 is
disabled in the priority string. Previously, even when TLS 1.2 is explicitly
disabled with "-VERS-TLS1.2", the server still offered TLS 1.2 if TLS 1.3 is
enabled (#1054).
** API and ABI modifications:
No changes since last version.
To generate a diff of this commit:
cvs rdiff -u -r1.216 -r1.217 pkgsrc/security/gnutls/Makefile
cvs rdiff -u -r1.144 -r1.145 pkgsrc/security/gnutls/distinfo
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: pkgsrc/security/gnutls/Makefile
diff -u pkgsrc/security/gnutls/Makefile:1.216 pkgsrc/security/gnutls/Makefile:1.217
--- pkgsrc/security/gnutls/Makefile:1.216 Mon Aug 31 18:11:07 2020
+++ pkgsrc/security/gnutls/Makefile Mon Sep 7 15:47:15 2020
@@ -1,7 +1,6 @@
-# $NetBSD: Makefile,v 1.216 2020/08/31 18:11:07 wiz Exp $
+# $NetBSD: Makefile,v 1.217 2020/09/07 15:47:15 leot Exp $
-DISTNAME= gnutls-3.6.14
-PKGREVISION= 2
+DISTNAME= gnutls-3.6.15
CATEGORIES= security devel
MASTER_SITES= https://www.gnupg.org/ftp/gcrypt/gnutls/v3.6/
EXTRACT_SUFX= .tar.xz
Index: pkgsrc/security/gnutls/distinfo
diff -u pkgsrc/security/gnutls/distinfo:1.144 pkgsrc/security/gnutls/distinfo:1.145
--- pkgsrc/security/gnutls/distinfo:1.144 Mon Jun 8 19:48:14 2020
+++ pkgsrc/security/gnutls/distinfo Mon Sep 7 15:47:15 2020
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.144 2020/06/08 19:48:14 leot Exp $
+$NetBSD: distinfo,v 1.145 2020/09/07 15:47:15 leot Exp $
-SHA1 (gnutls-3.6.14.tar.xz) = bea1b5abcb691acf014e592f41d0a9580a41216a
-RMD160 (gnutls-3.6.14.tar.xz) = 89c4f89e4453c2d08ad0918fbf099d9fbcfe9cba
-SHA512 (gnutls-3.6.14.tar.xz) = b2d427b5542a4679117c011dffa8efb0e0bffa3ce9cebc319f8998d03f80f4168d08f9fda35df18dbeaaada59e479d325a6c1c77d5ca7f8ce221b44e42bfe604
-Size (gnutls-3.6.14.tar.xz) = 6069088 bytes
+SHA1 (gnutls-3.6.15.tar.xz) = 00ef7d93347df586c3d1a00f13c326706c0c59ba
+RMD160 (gnutls-3.6.15.tar.xz) = 870c338ae8c2b6acd7000eb7daa287082ab04609
+SHA512 (gnutls-3.6.15.tar.xz) = f757d1532198f44bcad7b73856ce6a05bab43f6fb77fcc81c59607f146202f73023d0796d3e1e7471709cf792c8ee7d436e19407e0601bc0bda2f21512b3b01c
+Size (gnutls-3.6.15.tar.xz) = 6081656 bytes
SHA1 (patch-configure) = 3653f74914f874aa369f62c8b267a46fd6b78eaa
SHA1 (patch-lib_system_certs.c) = fba74b2834a36d66bddcd7d3405d0c91c1b14efc
SHA1 (patch-src_libopts_autoopts_options.h) = ebeeafc834bce3b6b3f938e360b089e165ee4f9e
Home |
Main Index |
Thread Index |
Old Index