The GNU Transport Layer Security Library
The GnuTLS project aims to develop a library that provides a secure
layer over a reliable transport layer. Currently the GnuTLS library
implements the proposed standards of the IETF's TLS working group.
- Developed at security:tls
- Sources inherited from project openSUSE:Factory
-
9
derived packages
- Download package
-
Checkout Package
osc -A https://api.opensuse.org checkout openSUSE:Factory:RISCV/gnutls && cd $_
- Create Badge
Refresh
Refresh
Source Files
Filename | Size | Changed |
---|---|---|
baselibs.conf | 0000000147 147 Bytes | |
gnutls-3.5.11-skip-trust-store-tests.patch | 0000001002 1002 Bytes | |
gnutls-3.6.0-disable-flaky-dtls_resume-test.patch | 0000000723 723 Bytes | |
gnutls-3.6.2.tar.xz | 0008093304 7.72 MB | |
gnutls-3.6.2.tar.xz.sig | 0000000310 310 Bytes | |
gnutls.changes | 0000150011 146 KB | |
gnutls.keyring | 0000107212 105 KB | |
gnutls.spec | 0000009344 9.13 KB |
Revision 108 (latest revision is 157)
Dominique Leuenberger (dimstar_suse)
accepted
request 587401
from
Marcus Meissner (msmeissn)
(revision 108)
- gnutls.keyring: Nikos key refreshed to be unexpired - GnuTLS 3.6.2: * libgnutls: When verifying against a self signed certificate ignore issuer. That is, ignore issuer when checking the issuer's parameters strength, resolving issue #347 which caused self signed certificates to be additionally marked as of insufficient security level. * libgnutls: Corrected MTU calculation for the CBC ciphersuites. The data MTU calculation now, it correctly accounts for the fixed overhead due to padding (as 1 byte), while at the same time considers the rest of the padding as part of data MTU. * libgnutls: Address issue of loading of all PKCS#11 modules on startup on systems with a PKCS#11 trust store (as opposed to a file trust store). Introduced a multi-stage initialization which loads the trust modules, and other modules are deferred for the first pure PKCS#11 request. * libgnutls: The SRP authentication will reject any parameters outside RFC5054. This protects any client from potential MitM due to insecure parameters. That also brings SRP in par with the RFC7919 changes to Diffie-Hellman. * libgnutls: Added the 8192-bit parameters of SRP to the accepted parameters for SRP authentication. * libgnutls: Addressed issue in the accelerated code affecting interoperability with versions of nettle >= 3.4. * libgnutls: Addressed issue in the AES-GCM acceleration under aarch64. * libgnutls: Addressed issue in the AES-CBC acceleration under ssse3 (patch by Vitezslav Cizek). * srptool: the --create-conf option no longer includes 1024-bit parameters. * p11tool: Fixed the deletion of objects in batch mode. - Dropped gnutls-check_aes_keysize.patch as it is included upstream now.
Comments 0