diff options
| author | leot <leot@pkgsrc.org> | 2020-06-08 19:48:14 +0000 |
|---|---|---|
| committer | leot <leot@pkgsrc.org> | 2020-06-08 19:48:14 +0000 |
| commit | aceb37bc313d0813c25a93b39471a8282df2a374 (patch) | |
| tree | 6b80a7f2dc07301460f58416d227647503ab868c /security | |
| parent | 99ab7c3d4e712cb825edc2cb4b500fd36b7e4fe2 (diff) | |
| download | pkgsrc-aceb37bc313d0813c25a93b39471a8282df2a374.tar.gz | |
gnutls: Update to 3.6.14
Changes:
3.6.14
------
* libgnutls: Fixed insecure session ticket key construction, since 3.6.4.
The TLS server would not bind the session ticket encryption key with a
value supplied by the application until the initial key rotation, allowing
attacker to bypass authentication in TLS 1.3 and recover previous
conversations in TLS 1.2 (#1011).
[GNUTLS-SA-2020-06-03, CVSS: high]
* libgnutls: Fixed handling of certificate chain with cross-signed
intermediate CA certificates (#1008).
* libgnutls: Fixed reception of empty session ticket under TLS 1.2 (#997).
* libgnutls: gnutls_x509_crt_print() is enhanced to recognizes commonName
(2.5.4.3), decodes certificate policy OIDs (!1245), and prints Authority
Key Identifier (AKI) properly (#989, #991).
* certtool: PKCS #7 attributes are now printed with symbolic names (!1246).
* libgnutls: Added several improvements on Windows Vista and later releases
(!1257, !1254, !1256). Most notably the system random number generator now
uses Windows BCrypt* API if available (!1255).
* libgnutls: Use accelerated AES-XTS implementation if possible (!1244).
Also both accelerated and non-accelerated implementations check key block
according to FIPS-140-2 IG A.9 (!1233).
* libgnutls: Added support for AES-SIV ciphers (#463).
* libgnutls: Added support for 192-bit AES-GCM cipher (!1267).
* libgnutls: No longer use internal symbols exported from Nettle (!1235)
* API and ABI modifications:
GNUTLS_CIPHER_AES_128_SIV: Added
GNUTLS_CIPHER_AES_256_SIV: Added
GNUTLS_CIPHER_AES_192_GCM: Added
gnutls_pkcs7_print_signature_info: Added
Diffstat (limited to 'security')
| -rw-r--r-- | security/gnutls/Makefile | 5 | ||||
| -rw-r--r-- | security/gnutls/PLIST | 4 | ||||
| -rw-r--r-- | security/gnutls/distinfo | 10 |
3 files changed, 10 insertions, 9 deletions
diff --git a/security/gnutls/Makefile b/security/gnutls/Makefile index a52d741266e..f445f9e73e3 100644 --- a/security/gnutls/Makefile +++ b/security/gnutls/Makefile @@ -1,7 +1,6 @@ -# $NetBSD: Makefile,v 1.212 2020/05/22 10:55:50 adam Exp $ +# $NetBSD: Makefile,v 1.213 2020/06/08 19:48:14 leot Exp $ -DISTNAME= gnutls-3.6.13 -PKGREVISION= 2 +DISTNAME= gnutls-3.6.14 CATEGORIES= security devel MASTER_SITES= https://www.gnupg.org/ftp/gcrypt/gnutls/v3.6/ EXTRACT_SUFX= .tar.xz diff --git a/security/gnutls/PLIST b/security/gnutls/PLIST index 6ec993343eb..d7b316eb2b4 100644 --- a/security/gnutls/PLIST +++ b/security/gnutls/PLIST @@ -1,4 +1,4 @@ -@comment $NetBSD: PLIST,v 1.70 2020/04/01 08:24:07 adam Exp $ +@comment $NetBSD: PLIST,v 1.71 2020/06/08 19:48:14 leot Exp $ bin/certtool bin/gnutls-cli bin/gnutls-cli-debug @@ -261,6 +261,7 @@ man/man3/gnutls_est_record_overhead_size.3 man/man3/gnutls_ext_get_current_msg.3 man/man3/gnutls_ext_get_data.3 man/man3/gnutls_ext_get_name.3 +man/man3/gnutls_ext_get_name2.3 man/man3/gnutls_ext_raw_parse.3 man/man3/gnutls_ext_register.3 man/man3/gnutls_ext_set_data.3 @@ -523,6 +524,7 @@ man/man3/gnutls_pkcs7_get_signature_info.3 man/man3/gnutls_pkcs7_import.3 man/man3/gnutls_pkcs7_init.3 man/man3/gnutls_pkcs7_print.3 +man/man3/gnutls_pkcs7_print_signature_info.3 man/man3/gnutls_pkcs7_set_crl.3 man/man3/gnutls_pkcs7_set_crl_raw.3 man/man3/gnutls_pkcs7_set_crt.3 diff --git a/security/gnutls/distinfo b/security/gnutls/distinfo index 383b2079616..b1eabc31f6d 100644 --- a/security/gnutls/distinfo +++ b/security/gnutls/distinfo @@ -1,9 +1,9 @@ -$NetBSD: distinfo,v 1.143 2020/04/01 08:24:07 adam Exp $ +$NetBSD: distinfo,v 1.144 2020/06/08 19:48:14 leot Exp $ -SHA1 (gnutls-3.6.13.tar.xz) = 0d3d0d093d6a7cf589612a7c21dbb46cb31c644b -RMD160 (gnutls-3.6.13.tar.xz) = fa5e9136c3a620436a65946f5e2a9f9b878b238b -SHA512 (gnutls-3.6.13.tar.xz) = 23581952cb72c9a34f378c002bb62413d5a1243b74b48ad8dc49eaea4020d33c550f8dc1dd374cf7fbfa4187b0ca1c5698c8a0430398268a8b8a863f8633305c -Size (gnutls-3.6.13.tar.xz) = 5958956 bytes +SHA1 (gnutls-3.6.14.tar.xz) = bea1b5abcb691acf014e592f41d0a9580a41216a +RMD160 (gnutls-3.6.14.tar.xz) = 89c4f89e4453c2d08ad0918fbf099d9fbcfe9cba +SHA512 (gnutls-3.6.14.tar.xz) = b2d427b5542a4679117c011dffa8efb0e0bffa3ce9cebc319f8998d03f80f4168d08f9fda35df18dbeaaada59e479d325a6c1c77d5ca7f8ce221b44e42bfe604 +Size (gnutls-3.6.14.tar.xz) = 6069088 bytes SHA1 (patch-configure) = 3653f74914f874aa369f62c8b267a46fd6b78eaa SHA1 (patch-lib_system_certs.c) = fba74b2834a36d66bddcd7d3405d0c91c1b14efc SHA1 (patch-src_libopts_autoopts_options.h) = ebeeafc834bce3b6b3f938e360b089e165ee4f9e |