From 901e942e6360a3d87688b4be847f7726f8bcd265 Mon Sep 17 00:00:00 2001 From: wiz Date: Sat, 16 Sep 2006 06:21:22 +0000 Subject: Update to 1.4.4: * Version 1.4.4 (released 2006-09-12) ** Relax the test that caught signatures that exploit the variant of ** Bleichenbacher's Crypto 06 rump session attack on our ** verification logic flaw. In particular, we now permit the digestAlgorithm.parameters field to be present but empty, whereas in 1.4.3 we actually checked that the field was absent. ** Revert the removal of debug information for the GNUTLS-SA-2006-3 problem. The messages are only printed in debug mode, which is not recommended for normal use, and thus logging this situation cannot be abused as an oracle in typical recommended situations. ** API and ABI modifications: No changes since last version. --- security/gnutls/Makefile | 4 ++-- security/gnutls/distinfo | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) (limited to 'security/gnutls') diff --git a/security/gnutls/Makefile b/security/gnutls/Makefile index bc92a320d09..3ab9c0e486c 100644 --- a/security/gnutls/Makefile +++ b/security/gnutls/Makefile @@ -1,6 +1,6 @@ -# $NetBSD: Makefile,v 1.51 2006/09/10 21:12:21 wiz Exp $ +# $NetBSD: Makefile,v 1.52 2006/09/16 06:21:22 wiz Exp $ -DISTNAME= gnutls-1.4.3 +DISTNAME= gnutls-1.4.4 CATEGORIES= security devel MASTER_SITES= http://josefsson.org/gnutls/releases/ \ ftp://ftp.gnutls.org/pub/gnutls/ \ diff --git a/security/gnutls/distinfo b/security/gnutls/distinfo index 67a0255e9d9..3f6928de3e6 100644 --- a/security/gnutls/distinfo +++ b/security/gnutls/distinfo @@ -1,6 +1,6 @@ -$NetBSD: distinfo,v 1.30 2006/09/10 21:12:21 wiz Exp $ +$NetBSD: distinfo,v 1.31 2006/09/16 06:21:22 wiz Exp $ -SHA1 (gnutls-1.4.3.tar.bz2) = c4182c3804235d6f3eb2f3e59bb560f22370d4fc -RMD160 (gnutls-1.4.3.tar.bz2) = 3be97523303c5350dea1b74e50feeab71804f857 -Size (gnutls-1.4.3.tar.bz2) = 4047997 bytes +SHA1 (gnutls-1.4.4.tar.bz2) = 8f6ee112c8d93dd726e8e3d0e3fbf234f085a2cd +RMD160 (gnutls-1.4.4.tar.bz2) = a31dfe33934ddf2500ae0e6c67aa265cd5b9ede4 +Size (gnutls-1.4.4.tar.bz2) = 4048916 bytes SHA1 (patch-ab) = 503bf7fa154341504db7ba3b5c6602627ff27dc5 -- cgit v1.2.3