Hello community, here is the log from the commit of package gnutls for openSUSE:Factory checked in at 2016-01-23 01:03:23 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/gnutls (Old) and /work/SRC/openSUSE:Factory/.gnutls.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "gnutls" Changes: -------- --- /work/SRC/openSUSE:Factory/gnutls/gnutls.changes 2015-08-25 07:17:04.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.gnutls.new/gnutls.changes 2016-01-23 01:03:24.000000000 +0100 @@ -1,0 +2,60 @@ +Mon Jan 18 13:25:54 UTC 2016 - idonmez@suse.com + +- Update to 3.4.8 + All changes since 3.4.4: + * libgnutls: Corrected memory leak in gnutls_pubkey_import_privkey() + when used with PKCS #11 keys. + * libgnutls: For DSA and ECDSA keys in PKCS #11 objects, import + their public keys from either a public key object or a certificate. + That is, because private keys do not contain all the required + parameters for a direct import. + * libgnutls: Fixed issue when writing ECDSA private keys in PKCS #11 + tokens. + * libgnutls: Fixed out-of-bounds read in + gnutls_x509_ext_export_key_usage() + * libgnutls: The CHACHA20-POLY1305 ciphersuites were updated to + conform to draft-ietf-tls-chacha20-poly1305-02. + * libgnutls: Several fixes in PKCS #7 signing which improve + compatibility with the MacOSX tools. + * libgnutls: The max-record extension not negotiated on DTLS. This + resolves issue with the max-record being negotiated but ignored. + * certtool: Added the --p7-include-cert and --p7-show-data options. + * libgnutls: Properly require TLS 1.2 in all CBC-SHA256 and CBC-SHA384 + ciphersuites. This solves an interoperability issue with openssl. + * libgnutls: Corrected the setting of salt size in + gnutls_pkcs12_mac_info(). + * libgnutls: On a rehandshake allow switching from anonymous to ECDHE + and DHE ciphersuites. + * libgnutls: Corrected regression from 3.3.x which prevented + ARCFOUR128 from using arbitrary key sizes. + * libgnutls: Added GNUTLS_SKIP_GLOBAL_INIT macro to allow programs + skipping the implicit global initialization. + * gnutls.pc: Don't include libtool specific options to link flags. + * tools: Better support for FTP AUTH TLS negotiation + * libgnutls: Added new simple verification functions. That avoids the + need to install a callback to perform certificate verification. See + doc/examples/ex-client-x509.c for usage. + * libgnutls: Introduced the security parameter 'future' which is at + the 256-bit level of security, and 'ultra' was aligned to its + documented size at 192-bits. + * libgnutls: When writing a certificate into a PKCS #11 token, ensure + that CKA_SERIAL_NUMBER and CKA_ISSUER are written. + * libgnutls: Allow the presence of legacy ciphers and key exchanges in + priority strings and consider them a no-op. + * libgnutls: Handle the extended master secret as a mandatory + extension. That fixes incompatibility issues with Chromium (#45). + * libgnutls: Added the ability to copy a public key into a PKCS #11 + token. + * tools: Added support for LDAP and XMPP negotiation for STARTTLS. + * p11tool: Allow writing a public key into a PKCS #11 token. + * certtool: Key generation security level was switched to HIGH. That + is, by default the tool generates 3072 bit keys for RSA and DSA. + * libgnutls: When re-importing CRLs to a trust list ensure that there + no duplicate entries. + * certtool: Removed any arbitrary limits imposed on input file sizes + and maximum number of certificates imported. + * certtool: Allow specifying fixed dates on CRL generation. + * gnutls-cli-debug: Added check for inappropriate fallback support + (RFC7507). + +------------------------------------------------------------------- Old: ---- gnutls-3.4.4.tar.xz gnutls-3.4.4.tar.xz.sig New: ---- gnutls-3.4.8.tar.xz gnutls-3.4.8.tar.xz.sig ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ gnutls.spec ++++++ --- /var/tmp/diff_new_pack.XFsixV/_old 2016-01-23 01:03:26.000000000 +0100 +++ /var/tmp/diff_new_pack.XFsixV/_new 2016-01-23 01:03:26.000000000 +0100 @@ -1,7 +1,7 @@ # # spec file for package gnutls # -# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -29,7 +29,7 @@ %bcond_with tpm Name: gnutls -Version: 3.4.4 +Version: 3.4.8 Release: 0 Summary: The GNU Transport Layer Security Library License: LGPL-2.1+ and GPL-3.0+ ++++++ gnutls-3.4.4.tar.xz -> gnutls-3.4.8.tar.xz ++++++ /work/SRC/openSUSE:Factory/gnutls/gnutls-3.4.4.tar.xz /work/SRC/openSUSE:Factory/.gnutls.new/gnutls-3.4.8.tar.xz differ: char 27, line 1