Hello community, here is the log from the commit of package gnutls for openSUSE:Factory checked in at 2020-09-10 22:47:39 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/gnutls (Old) and /work/SRC/openSUSE:Factory/.gnutls.new.4249 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "gnutls" Thu Sep 10 22:47:39 2020 rev:126 rq:832966 version:3.6.15 Changes: -------- --- /work/SRC/openSUSE:Factory/gnutls/gnutls.changes 2020-07-21 15:47:00.468044751 +0200 +++ /work/SRC/openSUSE:Factory/.gnutls.new.4249/gnutls.changes 2020-09-10 22:48:11.191831625 +0200 @@ -1,0 +2,23 @@ +Tue Sep 8 08:18:48 UTC 2020 - Vítězslav Čížek <[email protected]> + +- Update to 3.6.15 + * libgnutls: Fixed "no_renegotiation" alert handling at incorrect timing. + [GNUTLS-SA-2020-09-04, CVSS: medium] + * libgnutls: If FIPS self-tests are failed, gnutls_fips140_mode_enabled() now + indicates that with a false return value (!1306). + * libgnutls: Under FIPS mode, the generated ECDH/DH public keys are checked + accordingly to SP800-56A rev 3 (!1295, !1299). + * libgnutls: gnutls_x509_crt_export2() now returns 0 upon success, rather than + the size of the internal base64 blob (#1025). + * libgnutls: Certificate verification failue due to OCSP must-stapling is not + honered is now correctly marked with the GNUTLS_CERT_INVALID flag + * libgnutls: The audit log message for weak hashes is no longer printed twice + * libgnutls: Fixed version negotiation when TLS 1.3 is enabled and TLS 1.2 is + disabled in the priority string. Previously, even when TLS 1.2 is explicitly + disabled with "-VERS-TLS1.2", the server still offered TLS 1.2 if TLS 1.3 is + enabled (#1054). +- drop upstreamed patches: + * gnutls-detect_nettle_so.patch + * 0001-crypto-api-always-allocate-memory-when-serializing-i.patch + +------------------------------------------------------------------- Old: ---- 0001-crypto-api-always-allocate-memory-when-serializing-i.patch gnutls-3.6.14.tar.xz gnutls-3.6.14.tar.xz.sig gnutls-detect_nettle_so.patch New: ---- gnutls-3.6.15.tar.xz gnutls-3.6.15.tar.xz.sig ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ gnutls.spec ++++++ --- /var/tmp/diff_new_pack.i8NEns/_old 2020-09-10 22:48:12.459832794 +0200 +++ /var/tmp/diff_new_pack.i8NEns/_new 2020-09-10 22:48:12.463832797 +0200 @@ -28,7 +28,7 @@ %bcond_with tpm %bcond_without guile Name: gnutls -Version: 3.6.14 +Version: 3.6.15 Release: 0 Summary: The GNU Transport Layer Security Library License: LGPL-2.1-or-later AND GPL-3.0-or-later @@ -40,9 +40,7 @@ Source3: baselibs.conf Patch1: gnutls-3.5.11-skip-trust-store-tests.patch Patch4: gnutls-3.6.6-set_guile_site_dir.patch -Patch5: 0001-crypto-api-always-allocate-memory-when-serializing-i.patch Patch6: gnutls-temporarily_disable_broken_guile_reauth_test.patch -Patch7: gnutls-detect_nettle_so.patch BuildRequires: autogen BuildRequires: automake BuildRequires: datefudge ++++++ gnutls-3.5.11-skip-trust-store-tests.patch ++++++ --- /var/tmp/diff_new_pack.i8NEns/_old 2020-09-10 22:48:12.495832826 +0200 +++ /var/tmp/diff_new_pack.i8NEns/_new 2020-09-10 22:48:12.495832826 +0200 @@ -15,10 +15,10 @@ But this would create a build cycle. Skip test. -Index: gnutls-3.5.11/tests/trust-store.c +Index: gnutls-3.6.15/tests/trust-store.c =================================================================== ---- gnutls-3.5.11.orig/tests/trust-store.c 2017-04-07 07:52:07.000000000 +0200 -+++ gnutls-3.5.11/tests/trust-store.c 2017-05-18 10:33:53.537598763 +0200 +--- gnutls-3.6.15.orig/tests/trust-store.c 2020-09-08 10:24:24.018094247 +0200 ++++ gnutls-3.6.15/tests/trust-store.c 2020-09-08 10:24:25.534104346 +0200 @@ -44,6 +44,9 @@ static void tls_log_func(int level, cons void doit(void) ++++++ gnutls-3.6.14.tar.xz -> gnutls-3.6.15.tar.xz ++++++ ++++ 36841 lines of diff (skipped) ++++++ gnutls-3.6.6-set_guile_site_dir.patch ++++++ --- /var/tmp/diff_new_pack.i8NEns/_old 2020-09-10 22:48:15.211835329 +0200 +++ /var/tmp/diff_new_pack.i8NEns/_new 2020-09-10 22:48:15.211835329 +0200 @@ -1,8 +1,8 @@ -Index: gnutls-3.6.6/configure +Index: gnutls-3.6.15/configure =================================================================== ---- gnutls-3.6.6.orig/configure -+++ gnutls-3.6.6/configure -@@ -62868,7 +62868,7 @@ +--- gnutls-3.6.15.orig/configure 2020-09-08 10:24:22.362083215 +0200 ++++ gnutls-3.6.15/configure 2020-09-08 10:24:28.510124171 +0200 +@@ -69365,7 +69365,7 @@ fi { $as_echo "$as_me:${as_lineno-$LINENO}: checking for Guile site directory" >&5 $as_echo_n "checking for Guile site directory... " >&6; } ++++++ gnutls-temporarily_disable_broken_guile_reauth_test.patch ++++++ --- /var/tmp/diff_new_pack.i8NEns/_old 2020-09-10 22:48:15.235835351 +0200 +++ /var/tmp/diff_new_pack.i8NEns/_new 2020-09-10 22:48:15.239835355 +0200 @@ -1,8 +1,8 @@ -Index: gnutls-3.6.14/guile/Makefile.in +Index: gnutls-3.6.15/guile/Makefile.in =================================================================== ---- gnutls-3.6.14.orig/guile/Makefile.in 2020-06-03 15:05:54.000000000 +0200 -+++ gnutls-3.6.14/guile/Makefile.in 2020-06-09 09:03:17.267773380 +0200 -@@ -1850,7 +1850,7 @@ CLEANFILES = modules/gnutls.scm $(am__ap +--- gnutls-3.6.15.orig/guile/Makefile.in 2020-09-08 10:24:09.581998087 +0200 ++++ gnutls-3.6.15/guile/Makefile.in 2020-09-08 10:24:30.046134403 +0200 +@@ -1857,7 +1857,7 @@ CLEANFILES = modules/gnutls.scm $(am__ap TESTS = tests/anonymous-auth.scm tests/session-record-port.scm \ tests/pkcs-import-export.scm tests/errors.scm \ tests/x509-certificates.scm tests/x509-auth.scm \
