Navigation:
Browse pkgsrc
(this page)| 2024-11-01 13:55:19 by Thomas Klausner | Files touched by this commit (2426) |
Log message: *: revbump for icu downgrade |
| 2024-11-01 01:54:33 by Thomas Klausner | Files touched by this commit (2427) |
Log message: *: recursive bump for icu 76.1 shlib bump |
2024-08-18 22:32:44 by Adam Ciarcinski | Files touched by this commit (2) |  |
Log message: gnutls: updated to 3.8.7.1 Version 3.8.7 (released 2024-08-15) ** libgnutls: New configure option to compile out DSA support The --disable-dsa configure option has been added to completely disable DSA algorithm support. ** libgnutls: Experimental support for X25519Kyber768Draft00 key exchange in TLS For testing purposes, the hybrid post-quantum key exchange defined in draft-tls-westerbaan-xyber768d00 has been implemented using liboqs. Since the algorithm is still not finalized, the support of this key exchange is disabled by default and can be enabled with the --with-liboqs configure option. ** API and ABI modifications: No changes since last version. |
| 2024-07-04 12:02:09 by Adam Ciarcinski | Files touched by this commit (3) | |
Log message: gnutls: updated to 3.8.6 Version 3.8.6 (released 2024-07-03) ** libgnutls: PBMAC1 is now supported as a MAC mechanism for PKCS#12 To be compliant with FIPS 140-3, PKCS#12 files with MAC based on PBKDF2 (PBMAC1) is now supported, according to the specification proposed in draft-ietf-lamps-pkcs12-pbmac1. ** libgnutls: SHA3 extendable output functions (XOF) are now supported SHA3 XOF, SHAKE128 and SHAKE256, are now usable through a new public API gnutls_hash_squeeze. ** API and ABI modifications: gnutls_pkcs12_generate_mac3: New function gnutls_pkcs12_flags_t: New enum gnutls_hash_squeeze: New function |
| 2024-05-29 18:35:19 by Adam Ciarcinski | Files touched by this commit (1929) | |
Log message: revbump after icu and protobuf updates |
| 2024-05-16 08:15:47 by Thomas Klausner | Files touched by this commit (692) |
Log message: *: recursive bump for gnutls p11-kit option (existing installations need the bl3.mk included, but it's now only optionally included) |
| 2024-05-15 10:30:00 by Tobias Nygren | Files touched by this commit (1) |
Log message: gnutls: pkg-build-options.mk must come before conditional |
| 2024-05-15 10:13:25 by Nia Alarie | Files touched by this commit (4) |
Log message: gnutls: Make pkcs11 optional. pkcs11 and smart card support is rather unrelated to gnutls's core goal of providing TLS support to applications, and may be unsuitable e.g. on embedded devices |
| 2024-04-05 10:51:33 by Adam Ciarcinski | Files touched by this commit (2) | |
Log message: gnutls: updated to 3.8.5 Version 3.8.5 (released 2024-04-04) ** libgnutls: Due to majority of usages and implementations of RSA decryption with PKCS#1 v1.5 padding being incorrect, leaving them vulnerable to Marvin attack, the RSAES-PKCS1-v1_5 is being deprecated (encryption and decryption) and will be disabled in the future. A new option `allow-rsa-pkcs1-encrypt` has been added into the system-wide library configuration which allows to enable/disable the RSAES-PKCS1-v1_5. Currently, the RSAES-PKCS1-v1_5 is enabled by default. ** libgnutls: Added support for RIPEMD160 and PBES1-DES-SHA1 for backward compatibility with GCR. ** libgnutls: A couple of memory related issues have been fixed in RSA PKCS#1 v1.5 decryption error handling and deterministic ECDSA with earlier versions of GMP. These were a regression introduced in the 3.8.4 release. ** build: Fixed a bug where building gnutls statically failed due to a duplicate definition of nettle_rsa_compute_root_tr(). ** API and ABI modifications: GNUTLS_PKCS_PBES1_DES_SHA1: New enum member of gnutls_pkcs_encrypt_flags_t |
| 2024-03-21 07:08:38 by Adam Ciarcinski | Files touched by this commit (3) | |
Log message: gnutls: updated to 3.8.4 Version 3.8.4 (released 2024-03-18) ** libgnutls: RSA-OAEP encryption scheme is now supported To use it with an unrestricted RSA private key, one would need to initialize a gnutls_x509_spki_t object with necessary parameters for RSA-OAEP and attach it to the private key. It is also possible to import restricted private keys if they are stored in PKCS#8 format. ** libgnutls: Fix side-channel in the deterministic ECDSA. [GNUTLS-SA-2023-12-04, CVSS: medium] [CVE-2024-28834] ** libgnutls: Fixed a bug where certtool crashed when verifying a certificate chain with more than 16 certificates. [GNUTLS-SA-2024-01-23, CVSS: medium] [CVE-2024-28835] ** libgnutls: Compression libraries are now loaded dynamically as needed instead of all being loaded during gnutls library initialization. As a result, the library initialization should be faster. ** build: The gnutls library can now be linked with the static library of GMP. Note that in order for this to work libgmp.a needs to be compiled with -fPIC and libhogweed in Nettle also has to be linked to the static library of GMP. This can be used to prevent custom memory allocators from being overriden by other applications. |
New packages: