gnutls: Upgrade 3.8.2 -> 3.8.3 - linux/poky.git - Mirror of git.yoctoproject.org/poky

diff options

author	Simone Weiß <simone.p.weiss@posteo.com>	2024-03-11 16:39:54 +0800
committer	Steve Sakoman <steve@sakoman.com>	2024-03-16 08:33:21 -1000
commit	c9834bf620885c0570e68187f270aa29dc81af9f (patch)
tree	70d89d2da91cbfde85be2e1040d3d35e0dc870cd /documentation/ref-manual/tasks.rst
parent	c557cb4f0242d047ca4e9b8f2b56a89bc5fbc7f1 (diff)
download	poky-c9834bf620885c0570e68187f270aa29dc81af9f.tar.gz

gnutls: Upgrade 3.8.2 -> 3.8.3

Upgrade version to adress recent CVE findings. Changelog ========= ** libgnutls: Fix more timing side-channel inside RSA-PSK key exchange [GNUTLS-SA-2024-01-14, CVSS: medium] [CVE-2024-0553] ** libgnutls: Fix assertion failure when verifying a certificate chain with a cycle of cross signatures [GNUTLS-SA-2024-01-09, CVSS: medium] [CVE-2024-0567] ** libgnutls: Fix regression in handling Ed25519 keys stored in PKCS#11 token certtool was unable to handle Ed25519 keys generated on PKCS#11 with pkcs11-tool (OpenSC). This is a regression introduced in 3.8.2. (cherry-pick from Oe-Core rev 705d2972b38efc9f331e3635c07ca92f8812b365) (From OE-Core rev: f40a53370eac89df38b2fab47c411a61d4df4fc0) Signed-off-by: Simone Weiß <simone.p.weiss@posteo.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>

Diffstat (limited to 'documentation/ref-manual/tasks.rst')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: