| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | gnutls: update 3.3.29 -> 3.3.30 | Andre McCurdy | 2018-08-06 | 1 | -8/+0 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | * Version 3.3.30 (released 2018-07-16) ** libgnutls: Corrected infinite loop when an incorrect PIN was provided via pin-value or pin-source. ** gnutls-cli: backported the --sni-hostname option. This allows overriding the hostname advertised to the peer. ** Improved counter-measures for TLS CBC record padding. Kenny Paterson, Eyal Ronen and Adi Shamir reported that the existing counter-measures had certain issues and were insufficient when the attacker has additional access to the CPU cache and performs a chosen-plaintext attack. This affected the legacy CBC ciphersuites. [CVSS: medium] ** The ciphers utilizing HMAC-SHA384 and SHA256 have been removed from the default priority strings. They are not necessary for compatibility or other purpose and provide no advantage over their SHA1 counter-parts, as they all depend on the legacy TLS CBC block mode. ** API and ABI modifications: No changes since last version. Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> | ||||
| * | gnutls: update 3.3.28 -> 3.3.29 | Andre McCurdy | 2018-02-28 | 1 | -0/+8 |
| * Version 3.3.29 (released 2018-02-16) ** libgnutls: Fixed issue which caused 1-byte handshake fragments to be refused. Reported by Balázs Kéri. ** libgnutls: Fixed interoperability issue with openssl when safe renegotiation was used. Resolves gitlab issue #259. ** libgnutls: Use readdir() instead of readdir_r internally. The latter is deprecated and on our use we don't need readdir() to be thread safe (which it is in most common platforms). ** libgnutls: require strict DER encoding for certificates, OCSP requests, private keys, CRLs and certificate requests. This backports the already default behavior from the 3.5.x branch, in order to reduce issues due to the complexity of BER rules. ** libgnutls: Addressed issue in the AES-CBC acceleration under ssse3 (patch by Vitezslav Cizek). ** libgnutls: Addressed issue in the accelerated code which may affect interoperability with versions of nettle > 3.4. ** p11tool: Fixed issue preventing the deletion of objects in batch mode. ** p11tool: Mark all generated objects as sensitive by default. ** API and ABI modifications: No changes since last version. Signed-off-by: Andre McCurdy <armccurdy@gmail.com> Signed-off-by: Ross Burton <ross.burton@intel.com> | |||||
 |
index : linux/meta-gplv2.git | |
| Mirror of git.yoctoproject.org/meta-gplv2.git | N/A |
| summaryrefslogtreecommitdiffstats |