Path to this page:
Subject: CVS commit: pkgsrc/security/gnutls
From: Thomas Klausner
Date: 2013-10-28 00:13:09
Message id: 20131027231309.2782196@cvs.netbsd.org
Log Message:
Update to 3.2.5:
* Version 3.2.5 (released 2013-10-23)
** libgnutls: Documentation and build-time fixes.
** libgnutls: Allow the generation of DH groups of less than 700 bits.
** libgnutls: Added several combinations of ciphersuites with SHA256 and SHA384 \
as MAC,
as well as Camellia with GCM.
** libdane: Added interfaces to allow initialization of dane_query_t from
external DNS resolutions, and to allow direct verification of a certificate
chain against a dane_query_t. Contributed by Christian Grothoff.
** libdane: Fixed a buffer overflow in dane_query_tlsa(). This could be
triggered by a DNS server supplying more than 4 DANE records. Report and fix
by Christian Grothoff.
** srptool: Fixed index command line option. Patch by Attila Molnar.
** gnutls-cli: Added support for inline commands, using the
--inline-commands-prefix and --inline-commands options. Patch by Raj Raman.
** certtool: pathlen constraint is now read correctly. Reported by
Christoph Seitz.
** API and ABI modifications:
gnutls_certificate_get_crt_raw: Added
dane_verify_crt_raw: Added
dane_raw_tlsa: Added
* Version 3.2.4 (released 2013-08-31)
** libgnutls: Fixes when session tickets and session DB are used.
Report and initial patch by Stefan Buehler.
** libgnutls: Added the RSA-PSK key exchange. Patch by by Frank Morgner,
based on previous patch by Bardenheuer GmbH and Bundesdruckerei GmbH.
** libgnutls: Added ciphersuites that use ARCFOUR with ECDHE. Patch
by Stefan Buehler.
** libgnutls: Added the PFS priority string option.
** libgnutls: Gnulib included files are strictly LGPLv2.
** libgnutls: Corrected gnutls_certificate_server_set_request().
Reported by Petr Pisar.
** API and ABI modifications:
gnutls_record_set_timeout: Exported
Files: