gnutls-devel-2.12.23-21.el6.x86_64
[1.2 MiB] |
Changelog
by Nikos Mavrogiannopoulos (2017-02-13):
- Upgraded to 2.12.23 to incorporate multiple TLS 1.2 fixes
(#1326389, #1326073, #1323215, #1320982, #1328205, #1321112)
- Modified gnutls-serv to accept --sni-hostname (#1333521)
- Modified gnutls-serv to always reply with an alert message (#1327656)
- Removed support for DSA2 as it causes interoperability issues (#1321112)
- Allow sending and receiving certificates which were not in the
signature algorithms extension (#1328205)
- Removed support for EXPORT ciphersuites (#1337460)
- Raised the minimum acceptable DH size to 1024 (#1335924)
- Restricted the number of alert that can be received during handshake (#1388730)
- Added fixes for OpenPGP parsing issues (CVE-2017-5337, CVE-2017-5336, CVE-2017-5335)
- The exposed (but internal) crypto back-end registration API is deprecated and no
longer functional. The ABI is kept compatible (#1415682)
|
gnutls-devel-2.12.23-21.el6.i686
[1.2 MiB] |
Changelog
by Nikos Mavrogiannopoulos (2017-02-13):
- Upgraded to 2.12.23 to incorporate multiple TLS 1.2 fixes
(#1326389, #1326073, #1323215, #1320982, #1328205, #1321112)
- Modified gnutls-serv to accept --sni-hostname (#1333521)
- Modified gnutls-serv to always reply with an alert message (#1327656)
- Removed support for DSA2 as it causes interoperability issues (#1321112)
- Allow sending and receiving certificates which were not in the
signature algorithms extension (#1328205)
- Removed support for EXPORT ciphersuites (#1337460)
- Raised the minimum acceptable DH size to 1024 (#1335924)
- Restricted the number of alert that can be received during handshake (#1388730)
- Added fixes for OpenPGP parsing issues (CVE-2017-5337, CVE-2017-5336, CVE-2017-5335)
- The exposed (but internal) crypto back-end registration API is deprecated and no
longer functional. The ABI is kept compatible (#1415682)
|
gnutls-devel-2.8.5-19.el6_7.x86_64
[1.1 MiB] |
Changelog
by Nikos Mavrogiannopoulos (2015-12-09):
- Prevent downgrade attack to RSA-MD5 in TLS 1.2 server key exchange (#1289885)
|
gnutls-devel-2.8.5-19.el6_7.i686
[1.1 MiB] |
Changelog
by Nikos Mavrogiannopoulos (2015-12-09):
- Prevent downgrade attack to RSA-MD5 in TLS 1.2 server key exchange (#1289885)
|
gnutls-devel-2.8.5-18.el6.i686
[1.1 MiB] |
Changelog
by Nikos Mavrogiannopoulos (2015-03-03):
- fix CVE-2015-0282 (#1198159)
- fix CVE-2015-0294 (#1198159)
|
gnutls-devel-2.8.5-18.el6.x86_64
[1.1 MiB] |
Changelog
by Nikos Mavrogiannopoulos (2015-03-03):
- fix CVE-2015-0282 (#1198159)
- fix CVE-2015-0294 (#1198159)
|
gnutls-devel-2.8.5-14.el6_5.x86_64
[1.1 MiB] |
Changelog
by Nikos Mavrogiannopoulos (2014-05-28):
- fix session ID length check (#1102024)
|
gnutls-devel-2.8.5-14.el6_5.i686
[1.1 MiB] |
Changelog
by Nikos Mavrogiannopoulos (2014-05-28):
- fix session ID length check (#1102024)
|
gnutls-devel-2.8.5-13.el6_5.x86_64
[1.1 MiB] |
Changelog
by Nikos Mavrogiannopoulos (2014-02-26):
- fix CVE-2014-0092 (#1069890)
|
gnutls-devel-2.8.5-13.el6_5.i686
[1.1 MiB] |
Changelog
by Nikos Mavrogiannopoulos (2014-02-26):
- fix CVE-2014-0092 (#1069890)
|
gnutls-devel-2.8.5-10.el6_4.2.x86_64
[1.1 MiB] |
Changelog
by Tomas Mraz (2013-05-27):
- fix CVE-2013-2116 - fix DoS regression in CVE-2013-1619
upstream patch (#966754)
|
gnutls-devel-2.8.5-10.el6_4.2.i686
[1.1 MiB] |
Changelog
by Tomas Mraz (2013-05-27):
- fix CVE-2013-2116 - fix DoS regression in CVE-2013-1619
upstream patch (#966754)
|
gnutls-devel-2.8.5-10.el6_4.1.x86_64
[1.1 MiB] |
Changelog
by Tomas Mraz (2013-02-21):
- fix CVE-2013-1619 - fix TLS-CBC timing attack (#908238)
|
gnutls-devel-2.8.5-10.el6_4.1.i686
[1.1 MiB] |
Changelog
by Tomas Mraz (2013-02-21):
- fix CVE-2013-1619 - fix TLS-CBC timing attack (#908238)
|
gnutls-devel-2.8.5-4.el6_2.2.x86_64
[1.1 MiB] |
Changelog
by Tomas Mraz (2012-03-26):
- fix CVE-2012-1573 - security issue in packet parsing (#805432)
- fix CVE-2011-4128 - buffer overflow in gnutls_session_get_data() (#752308)
|
gnutls-devel-2.8.5-4.el6_2.2.i686
[1.1 MiB] |
Changelog
by Tomas Mraz (2012-03-26):
- fix CVE-2012-1573 - security issue in packet parsing (#805432)
- fix CVE-2011-4128 - buffer overflow in gnutls_session_get_data() (#752308)
|