Hello community, here is the log from the commit of package gnutls for openSUSE:Factory checked in at 2017-11-10 14:40:23 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/gnutls (Old) and /work/SRC/openSUSE:Factory/.gnutls.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "gnutls" Fri Nov 10 14:40:23 2017 rev:105 rq:539293 version:3.6.1 Changes: -------- --- /work/SRC/openSUSE:Factory/gnutls/gnutls.changes 2017-09-25 13:50:31.533889938 +0200 +++ /work/SRC/openSUSE:Factory/.gnutls.new/gnutls.changes 2017-11-10 14:41:39.418227697 +0100 @@ -1,0 +2,25 @@ +Wed Nov 1 15:13:55 UTC 2017 - [email protected] + +- GnuTLS 3.6.1: + * Fix interoperability issue with openssl when safe renegotiation + was used + * gnutls_x509_crl_sign, gnutls_x509_crt_sign, + gnutls_x509_crq_sign, were modified to sign with a better + algorithm than SHA1. They will now sign with an algorithm that + corresponds to the security level of the signer's key. + * gnutls_x509_*_sign2() functions and gnutls_x509_*_privkey_sign() + accept GNUTLS_DIG_UNKNOWN (0) as a hash function option. That + will signal the function to auto-detect an appropriate hash + algorithm to use. + * Remove support for signature algorithms using SHA2-224 in TLS. + TLS 1.3 no longer uses SHA2-224 and it was never a widespread + algorithm in TLS 1.2 + * Refuse to use client certificates containing disallowed + algorithms for a session, reverting a change on 3.5.5 + * Refuse to resume a session which had a different SNI advertised + That improves RFC6066 support in server side. + * p11tool: Mark all generated objects as sensitive by default. + * p11tool: added options --sign-params and --hash. This allows + testing signature with multiple algorithms, including RSA-PSS. + +------------------------------------------------------------------- Old: ---- gnutls-3.6.0.tar.xz gnutls-3.6.0.tar.xz.sig New: ---- gnutls-3.6.1.tar.xz gnutls-3.6.1.tar.xz.sig ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ gnutls.spec ++++++ --- /var/tmp/diff_new_pack.kzdS78/_old 2017-11-10 14:41:41.462153816 +0100 +++ /var/tmp/diff_new_pack.kzdS78/_new 2017-11-10 14:41:41.462153816 +0100 @@ -23,7 +23,7 @@ %bcond_with tpm %bcond_without guile Name: gnutls -Version: 3.6.0 +Version: 3.6.1 Release: 0 Summary: The GNU Transport Layer Security Library License: LGPL-2.1+ AND GPL-3.0+ ++++++ gnutls-3.6.0.tar.xz -> gnutls-3.6.1.tar.xz ++++++ /work/SRC/openSUSE:Factory/gnutls/gnutls-3.6.0.tar.xz /work/SRC/openSUSE:Factory/.gnutls.new/gnutls-3.6.1.tar.xz differ: char 26, line 1
