diff options
| author | wiz <wiz@pkgsrc.org> | 2021-03-14 07:58:20 +0000 |
|---|---|---|
| committer | wiz <wiz@pkgsrc.org> | 2021-03-14 07:58:20 +0000 |
| commit | 67674fabdac003971f43498a5ecdcdc8a8fda613 (patch) | |
| tree | 87efc471c1865aa8d7d0674a07943c270248a87d /multimedia | |
| parent | d9c758dee506fceef0d6c0db0f20e6980d152c0c (diff) | |
| download | pkgsrc-67674fabdac003971f43498a5ecdcdc8a8fda613.tar.gz | |
gnutls: update to 3.7.1.
* Version 3.7.1 (released 2021-03-10)
** libgnutls: Fixed potential use-after-free in sending "key_share"
and "pre_shared_key" extensions. When sending those extensions, the
client may dereference a pointer no longer valid after
realloc. This happens only when the client sends a large Client
Hello message, e.g., when HRR is sent in a resumed session
previously negotiated large FFDHE parameters, because the initial
allocation of the buffer is large enough without having to call
realloc (#1151). [GNUTLS-SA-2021-03-10, CVSS: low]
** libgnutls: Fixed a regression in handling duplicated certs in a
chain (#1131).
** libgnutls: Fixed sending of session ID in TLS 1.3 middlebox
compatibiltiy mode. In that mode the client shall always send a
non-zero session ID to make the handshake resemble the TLS 1.2
resumption; this was not true in the previous versions (#1074).
** libgnutls: W32 performance improvement with a new sendmsg()-like
transport implementation (!1377).
** libgnutls: Removed dependency on the external 'fipscheck' package,
when compiled with --enable-fips140-mode (#1101).
** libgnutls: Added padlock acceleration for AES-192-CBC (#1004).
Diffstat (limited to 'multimedia')
0 files changed, 0 insertions, 0 deletions