-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2010-9487 2010-06-04 17:59:11 --------------------------------------------------------------------------------
Name : gnutls Product : Fedora 12 Version : 2.8.6 Release : 2.fc12 URL : http://www.gnutls.org/ Summary : A TLS protocol implementation Description : GnuTLS is a project that aims to develop a library which provides a secure layer, over a reliable transport layer. Currently the GnuTLS library implements the proposed standards by the IETF's TLS working group. -------------------------------------------------------------------------------- Update Information: Add implementation of the safe renegotiation extension to fix the CVE-2009-3555 security vulnerability. -------------------------------------------------------------------------------- ChangeLog: * Wed Jun 2 2010 Tomas Mraz <[email protected]> 2.8.6-2 - add support for safe renegotiation CVE-2009-3555 (#533125) * Wed May 12 2010 Tomas Mraz <[email protected]> 2.8.6-1 - upgrade to a new upstream version * Mon Feb 15 2010 Rex Dieter <[email protected]> 2.8.5-4 - FTBFS gnutls-2.8.5-3.fc13: ImplicitDSOLinking (#564624) * Thu Jan 28 2010 Tomas Mraz <[email protected]> 2.8.5-3 - drop superfluous rpath from binaries - do not call autoreconf during build - specify the license on utils subpackage * Mon Jan 18 2010 Tomas Mraz <[email protected]> 2.8.5-2 - do not create static libraries (#556052) -------------------------------------------------------------------------------- References: [ 1 ] Bug #533125 - CVE-2009-3555 TLS: MITM attacks via session renegotiation https://bugzilla.redhat.com/show_bug.cgi?id=533125 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update gnutls' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list [email protected] https://admin.fedoraproject.org/mailman/listinfo/package-announce
