Subject: CVS commit: [pkgsrc-2005Q1] pkgsrc/security/gnutls
To: None <pkgsrc-changes@NetBSD.org>
From: Lubomir Sedlacik <salo@netbsd.org>
List: pkgsrc-changes
Date: 05/02/2005 20:14:06
Module Name: pkgsrc
Committed By: salo
Date: Mon May 2 20:14:06 UTC 2005
Modified Files:
pkgsrc/security/gnutls [pkgsrc-2005Q1]: Makefile PLIST buildlink3.mk
distinfo
Removed Files:
pkgsrc/security/gnutls/patches [pkgsrc-2005Q1]: patch-aa
Log Message:
Pullup ticket 479 - requested by Thomas Klausner
security update for gnutls
Revisions pulled up:
- pkgsrc/security/gnutls/Makefile 1.26, 1.28
- pkgsrc/security/gnutls/PLIST 1.13-1.14
- pkgsrc/security/gnutls/buildlink3.mk 1.8
- pkgsrc/security/gnutls/distinfo 1.15-1.16
- pkgsrc/security/gnutls/patches/patch-aa removed
Module Name: pkgsrc
Committed By: wiz
Date: Fri Apr 8 15:50:41 UTC 2005
Modified Files:
pkgsrc/security/gnutls: Makefile PLIST distinfo
Removed Files:
pkgsrc/security/gnutls/patches: patch-aa
Log Message:
Update to 1.2.1:
* Version 1.2.1 (2005-04-04)
- gnutls_bye() will no longer fail when RDWR is used and application
data are available for reading.
- Added more strict checks for the SRP parameters (g,n), when they
are not in the included list.
- Added warning to certtool when MD5 is being used for digital
signatures.
- Optimizations ("-O2 -finline-functions") are not enabled by default,
instead the standard autoconf defaults are used. Use `./configure
CFLAGS="-O2 -finline-functions"' to get the old optimizations.
- Added the option --get-dh-params to certtool, in order to get the
included in the library primes and generators.
- Improved the semantics of GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT, to
allow only trusted Version 1 CAs and introduced
GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA_CRT which has the old semantics.
- Nettle self tests now build properly, reported by Pierre
- Eliminated some memory leaks in DHE and RSA-EXPORT cipher suites.
Reported by Yoann Vandoorselaere
- Added the functions:
gnutls_x509_crt_list_import(),
gnutls_x509_crq_get_attribute_by_oid(),
gnutls_x509_crq_set_attribute_by_oid() and
gnutls_x509_crt_set_extension_by_oid().
- If the library has been compiled with features disabled, a warning is
issued during the compilation of any program.
---
Module Name: pkgsrc
Committed By: wiz
Date: Mon May 2 12:59:24 UTC 2005
Modified Files:
pkgsrc/security/gnutls: Makefile PLIST distinfo
Log Message:
Update to 1.2.3:
* Version 1.2.3
- Corrected bug in record packet parsing that could lead
to a denial of service attack.
- Corrected bug in RSA key export. Previously exported keys
can be fixed using certtool. Use certtool -k <infile >outfile
- API and ABI modifications:
gnutls_x509_privkey_fix(): Add.
* Version 1.2.2 (2005-04-25)
- gnutls_error_to_alert() now considers
GNUTLS_E_UNEXPECTED_HANDSHAKE_PACKET.
- Fixed error in session resuming that could cause a crash in
a session.
- Fixed pkcs12 friendly name and local key identifier decoding.
- Internal cleanups, removed duplicate typedef/struct definitions,
and made source code include external include file, to check
function prototypes during compile time.
- API and ABI modifications:
No changes since last version. At least not intentional, but due
to the include header changes, there may be inadvertant changes,
please let us know if you find any.
---
Module Name: pkgsrc
Committed By: salo
Date: Mon May 2 19:48:37 UTC 2005
Modified Files:
pkgsrc/security/gnutls: buildlink3.mk
Log Message:
Bump BUILDLINK_RECOMMENDED after latest security update. (hi wiz!)
To generate a diff of this commit:
cvs rdiff -r1.25 -r1.25.2.1 pkgsrc/security/gnutls/Makefile
cvs rdiff -r1.12 -r1.12.2.1 pkgsrc/security/gnutls/PLIST
cvs rdiff -r1.7 -r1.7.4.1 pkgsrc/security/gnutls/buildlink3.mk
cvs rdiff -r1.13.2.1 -r1.13.2.2 pkgsrc/security/gnutls/distinfo
cvs rdiff -r1.3 -r0 pkgsrc/security/gnutls/patches/patch-aa
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.