Subject: CVS commit: pkgsrc/security/gnutls
To: None <>
From: Thomas Klausner <>
List: pkgsrc-changes
Date: 09/16/2006 06:21:22
Module Name:	pkgsrc
Committed By:	wiz
Date:		Sat Sep 16 06:21:22 UTC 2006

Modified Files:
	pkgsrc/security/gnutls: Makefile distinfo

Log Message:
Update to 1.4.4:

* Version 1.4.4 (released 2006-09-12)

** Relax the test that caught signatures that exploit the variant of
** Bleichenbacher's Crypto 06 rump session attack on our
** verification logic flaw.
In particular, we now permit the digestAlgorithm.parameters field to
be present but empty, whereas in 1.4.3 we actually checked that the
field was absent.

** Revert the removal of debug information for the GNUTLS-SA-2006-3 problem.
The messages are only printed in debug mode, which is not recommended
for normal use, and thus logging this situation cannot be abused as an
oracle in typical recommended situations.

** API and ABI modifications:
No changes since last version.

To generate a diff of this commit:
cvs rdiff -r1.51 -r1.52 pkgsrc/security/gnutls/Makefile
cvs rdiff -r1.30 -r1.31 pkgsrc/security/gnutls/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.