Hello community, here is the log from the commit of package gnutls for openSUSE:Factory checked in at Thu Sep 22 10:45:54 CEST 2011. -------- --- gnutls/gnutls.changes 2011-08-29 10:00:14.000000000 +0200 +++ /mounts/work_src_done/STABLE/gnutls/gnutls.changes 2011-09-20 19:03:07.000000000 +0200 @@ -1,0 +2,70 @@ +Tue Sep 20 16:03:50 UTC 2011 - vuntz@opensuse.org + +- Update to version 3.0.3: + + libgnutls: + - Added gnutls_record_get_discarded() to return the number of + discarded records in a DTLS session. + - All functions related to RSA-EXPORT were deprecated. + - Memory leak fixes in credentials private key + deinitialization. + - Memory leak fixes in ECC ciphersuites. + - Do not send an empty extension structure in server hello. + This affected old implementations that do not support + extensions. + - Allow CA importing of 0 certificates to succeed. + - Added support for VIA padlock AES optimizations. (disabled by + default) + - Added support for elliptic curves in PKCS #11. + - Added gnutls_pkcs11_privkey_generate() to allow generating a + key in a token. + - gnutls_transport_set_lowat dummy macro was removed. + + p11tool: Added generate-rsa, generate-dsa and generate-ecc + options to allow generating private keys in the token. +- Changes from version 3.0.2: + + libgnutls: + - OpenPGP certificate type is not enabled by default. + - Added %NO_EXTENSIONS priority string. + - Corrected issue in gnutls_record_recv() triggered on + encryption or compression error. + - Compatibility fixes in CPU ID detection for i386 and old GCC. + - Corrected parsing of XMPP subject alternative names. + - Allow for out-of-order ChangeCipherSpec message in DTLS. + - gnutls_certificate_set_x509_key() and + gnutls_certificate_set_openpgp_key() operate as in 2.10.x and + allow the release of the private key during the lifetime of + the certificate structure. + + gnutls-cli: Benchmark applications were incorporated with it. +- Changes from version 3.0.1: + + libgnutls: + - gnutls_certificate_set_x509_key_file() and friends support + server name indication. If multiple certificates are set + using these functions the proper one will be selected during + a handshake. + - Added AES-256-GCM which was left out from the previous + release. + - When asking for a PKCS# 11 PIN multiple times, the flags in + the callback were not being updated to reflect for PIN low + count or final try. + - Do not allow second instances of PKCS #11 modules. + - Fixed alignment issue in AES-NI code. + - The config file at gnutls_pkcs11_init() is being read if + provided. + - Ensure that a certificate list specified using + gnutls_certificate_set_x509_key() and friends, is sorted + according to TLS specification (from subject to issuer). + - Added GNUTLS_X509_CRT_LIST_FAIL_IF_UNSORTED flag for + gnutls_x509_crt_list_import. It checks whether the list to be + imported is properly sorted. + + crywrap: Added to the distribution. It is an application that + proxies TLS session to a port using a plaintext service. + + Many GTK-DOC improvements. + + Updated translations. +- Drop 0001-Included-appro-s-updates-to-AES-NI.patch, + 0002-Added-note.GNU-stack-to-prevent-marking-the-library-.patch, + 0003-Force-alignment-for-AES-NI-to-the-runtime-rather-tha.patch, + 0006-Added-AES-256-GCM.-Reported-by-Benjamin-Hof.patch: all fixed + upstream. +- Drop call to autoreconf: it was only needed for the patches. +- Add libidn-devel BuildRequires for the new crywrap tool. + +------------------------------------------------------------------- calling whatdependson for head-i586 Old: ---- 0001-Included-appro-s-updates-to-AES-NI.patch 0002-Added-note.GNU-stack-to-prevent-marking-the-library-.patch 0003-Force-alignment-for-AES-NI-to-the-runtime-rather-tha.patch 0006-Added-AES-256-GCM.-Reported-by-Benjamin-Hof.patch gnutls-3.0.0.tar.xz New: ---- gnutls-3.0.3.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ gnutls.spec ++++++ --- /var/tmp/diff_new_pack.dqfsch/_old 2011-09-22 10:45:50.000000000 +0200 +++ /var/tmp/diff_new_pack.dqfsch/_new 2011-09-22 10:45:50.000000000 +0200 @@ -22,8 +22,8 @@ %define gnutls_extra_sover 28 Name: gnutls -Version: 3.0.0 -Release: 3 +Version: 3.0.3 +Release: 1 License: LGPLv3+ Summary: The GNU Transport Layer Security Library Url: http://www.gnutls.org/ @@ -33,6 +33,7 @@ BuildRequires: gcc-c++ BuildRequires: libnettle-devel >= 2.2 BuildRequires: p11-kit-devel +BuildRequires: libidn-devel BuildRequires: libtasn1-devel BuildRequires: pkg-config BuildRequires: xz @@ -42,10 +43,6 @@ %ifarch ppc64 Obsoletes: gnutls-64bit %endif -Patch0: 0001-Included-appro-s-updates-to-AES-NI.patch -Patch1: 0002-Added-note.GNU-stack-to-prevent-marking-the-library-.patch -Patch2: 0003-Force-alignment-for-AES-NI-to-the-runtime-rather-tha.patch -Patch3: 0006-Added-AES-256-GCM.-Reported-by-Benjamin-Hof.patch %description The GnuTLS project aims to develop a library that provides a secure @@ -54,7 +51,6 @@ %package -n libgnutls%{gnutls_sover} - License: LGPLv2.1+ Summary: The GNU Transport Layer Security Library Group: Productivity/Networking/Security @@ -66,7 +62,6 @@ %package -n libgnutlsxx%{gnutlsxx_sover} - License: LGPLv2.1+ Summary: The GNU Transport Layer Security Library Group: Productivity/Networking/Security @@ -79,7 +74,6 @@ %package -n libgnutls-extra%{gnutls_extra_sover} - License: GPLv3+ Summary: The GNU Transport Layer Security Library Group: Productivity/Networking/Security @@ -92,7 +86,6 @@ %package -n libgnutls-openssl%{gnutls_ossl_sover} - License: GPLv3+ Summary: The GNU Transport Layer Security Library Group: Productivity/Networking/Security @@ -160,13 +153,8 @@ %prep %setup -q -%patch0 -p1 -%patch1 -p1 -%patch2 -p1 -%patch3 -p1 %build -autoreconf -fi %configure \ --disable-static \ --with-pic \ @@ -219,6 +207,7 @@ %defattr(-, root, root) %doc THANKS README NEWS ChangeLog COPYING AUTHORS doc/TODO %{_bindir}/certtool +%{_bindir}/crywrap %{_bindir}/gnutls-cli %{_bindir}/gnutls-cli-debug %{_bindir}/gnutls-serv ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org