Hello community, here is the log from the commit of package gnutls for openSUSE:Factory checked in at 2016-04-16 22:06:59 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/gnutls (Old) and /work/SRC/openSUSE:Factory/.gnutls.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "gnutls" Changes: -------- --- /work/SRC/openSUSE:Factory/gnutls/gnutls.changes 2016-02-24 14:25:16.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.gnutls.new/gnutls.changes 2016-04-16 22:07:01.000000000 +0200 @@ -1,0 +2,42 @@ +Mon Apr 11 09:18:26 UTC 2016 - meissner@suse.com + +- Updated to 3.4.11 + * Version 3.4.11 (released 2016-04-11) + ** libgnutls: Fixes in gnutls_record_get/set_state() with DTLS. + Reported by Fridolin Pokorny. + ** libgnutls: Fixes in DSA key generation under PKCS #11. Report and + patches by Jan Vcelak. + ** libgnutls: Corrected behavior of ALPN extension parsing during + session resumption. Report and patches by Yuriy M. Kaminskiy. + ** libgnutls: Corrected regression (since 3.4.0) in + gnutls_server_name_set() which caused it not to accept non-null- + terminated hostnames. Reported by Tim Ruehsen. + ** libgnutls: Corrected printing of the IP Adress name constraints. + ** ocsptool: use HTTP/1.0 for requests. This avoids issue with servers + serving chunk encoding which ocsptool doesn't support. Reported by + Thomas Klute. + ** certtool: do not require a CA for OCSP signing tag. This follows the + recommendations in RFC6960 in 4.2.2.2 which allow a CA to delegate + OCSP signing to another certificate without requiring it to be a CA. + Reported by Thomas Klute. + + * Version 3.4.10 (released 2016-03-03) + ** libgnutls: Eliminated issues preventing buffers more than 2^32 bytes + to be used with hashing functions. + ** libgnutls: Corrected leaks and other issues in + gnutls_x509_crt_list_import(). + ** libgnutls: Fixes in DSA key handling for PKCS #11. Report and + patches by Jan Vcelak. + ** libgnutls: Several fixes to prevent relying on undefined behavior + of C (found with libubsan). + + * Version 3.4.9 (released 2016-02-03) + ** libgnutls: Corrected ALPN protocol negotiation. Before GnuTLS would + negotiate the last commonly supported protocol, rather than the + first. Reported by Remi Denis-Courmont (#63). + ** libgnutls: Tolerate empty DN fields in informational output + functions. + ** libgnutls: Corrected regression causes by incorrect fix in + gnutls_x509_ext_export_key_usage() at 3.4.8 release. + +------------------------------------------------------------------- Old: ---- gnutls-3.4.8.tar.xz gnutls-3.4.8.tar.xz.sig New: ---- gnutls-3.4.11.tar.xz gnutls-3.4.11.tar.xz.sig ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ gnutls.spec ++++++ --- /var/tmp/diff_new_pack.i6hEPA/_old 2016-04-16 22:07:02.000000000 +0200 +++ /var/tmp/diff_new_pack.i6hEPA/_new 2016-04-16 22:07:02.000000000 +0200 @@ -29,7 +29,7 @@ %bcond_with tpm Name: gnutls -Version: 3.4.8 +Version: 3.4.11 Release: 0 Summary: The GNU Transport Layer Security Library License: LGPL-2.1+ and GPL-3.0+ ++++++ gnutls-3.4.8.tar.xz -> gnutls-3.4.11.tar.xz ++++++ /work/SRC/openSUSE:Factory/gnutls/gnutls-3.4.8.tar.xz /work/SRC/openSUSE:Factory/.gnutls.new/gnutls-3.4.11.tar.xz differ: char 27, line 1