Overview
Request 402105 superseded
- Version 3.4.13 (released 2016-06-06)
* libgnutls: Consider the SSLKEYLOGFILE environment to be compatible with
NSS instead of using a separate variable; in addition append any keys to
the file instead of overwriting it.
* libgnutls: use secure_getenv() where available to obtain environment
variables. Addresses GNUTLS-SA-2016-1.
- Version 3.4.12 (released 2016-05-20)
* libgnutls: The CHACHA20-POLY1305 ciphersuite is enabled by default. This
cipher is prioritized after AES-GCM.
* libgnutls: Fixes in gnutls_privkey_import_ecc_raw().
* libgnutls: Fixed gnutls_pkcs11_get_raw_issuer() usage with the
GNUTLS_PKCS11_OBJ_FLAG_OVERWRITE_TRUSTMOD_EXT flag. Previously that
operation could fail on certain PKCS#11 modules.
* libgnutls: gnutls_pkcs11_obj_import_url() and gnutls_x509_crt_import_url()
can accept the GNUTLS_PKCS11_OBJ_FLAG_OVERWRITE_TRUSTMOD_EXT flag.
* libgnutls: gnutls_certificate_set_key() was enhanced to import the DNS
name of the certificates if the provided names are NULL.
* libgnutls: when receiving SNI names, only save and expose to application
the supported DNS names.
* libgnutls: when importing the certificate names at the
gnutls_certificate_set* functions, only consider the CN as a fallback
if DNS names are provided via the alternative name extension.
* gnutls-cli: on OCSP verification do not fail if we have a single valid
reply. Report and reproducer by Thomas Klute.
* libgnutls: The GNUTLS_KEYLOGFILE environment variable can be used to
log session keys in client side. These session keys are compatible with
the NSS Key Log Format and can be used to decrypt the session for
debugging using wireshark.
- Created by msmeissn
- In state superseded
- Supersedes 401844
- Superseded by 405821
- Open review for openSUSE:Factory:Staging:A
Request History
msmeissn created request
- Version 3.4.13 (released 2016-06-06)
* libgnutls: Consider the SSLKEYLOGFILE environment to be compatible with
NSS instead of using a separate variable; in addition append any keys to
the file instead of overwriting it.
* libgnutls: use secure_getenv() where available to obtain environment
variables. Addresses GNUTLS-SA-2016-1.
- Version 3.4.12 (released 2016-05-20)
* libgnutls: The CHACHA20-POLY1305 ciphersuite is enabled by default. This
cipher is prioritized after AES-GCM.
* libgnutls: Fixes in gnutls_privkey_import_ecc_raw().
* libgnutls: Fixed gnutls_pkcs11_get_raw_issuer() usage with the
GNUTLS_PKCS11_OBJ_FLAG_OVERWRITE_TRUSTMOD_EXT flag. Previously that
operation could fail on certain PKCS#11 modules.
* libgnutls: gnutls_pkcs11_obj_import_url() and gnutls_x509_crt_import_url()
can accept the GNUTLS_PKCS11_OBJ_FLAG_OVERWRITE_TRUSTMOD_EXT flag.
* libgnutls: gnutls_certificate_set_key() was enhanced to import the DNS
name of the certificates if the provided names are NULL.
* libgnutls: when receiving SNI names, only save and expose to application
the supported DNS names.
* libgnutls: when importing the certificate names at the
gnutls_certificate_set* functions, only consider the CN as a fallback
if DNS names are provided via the alternative name extension.
* gnutls-cli: on OCSP verification do not fail if we have a single valid
reply. Report and reproducer by Thomas Klute.
* libgnutls: The GNUTLS_KEYLOGFILE environment variable can be used to
log session keys in client side. These session keys are compatible with
the NSS Key Log Format and can be used to decrypt the session for
debugging using wireshark.
factory-auto added factory-repo-checker as a reviewer
Please review build success
factory-auto accepted review
Check script succeeded
licensedigger accepted review
factory-repo-checker accepted review
Builds for repo Base:System/assist_repo_checker
dimstar_suse set openSUSE:Factory:Staging:A as a staging project
Being evaluated by staging project "openSUSE:Factory:Staging:A"
dimstar_suse accepted review
Picked openSUSE:Factory:Staging:A
superseded by 405821