Updated: {gnutls/libgnutls26/libgnutls-devel}-2.8.6-1: Library implementing TLS 1.0 and SSL 3.0 protocols
Dr. Volker Zell
dr.volker.zell@oracle.com
Tue May 18 15:10:00 GMT 2010
Hi
New versions of 'gnutls/libgnutls26/libgnutls-devel' have been uploaded to a server near you.
o Update to latest upstream version
gnutls NEWS:
===============
* Version 2.8.6 (released 2010-03-15)
** libgnutls: For CSRs, don't null pad integers for RSA/DSA value.
VeriSign rejected CSRs with this padding. Reported by Wilankar Trupti
<trupti.wilankar@hp.com> and Boyan Kasarov <bkasarov@gmail.com>.
Note: As a side effect of this change, the "public key identifier"
value computed for a certificate using this version of GnuTLS will be
different from values computed using earlier versions of GnuTLS.
** libgnutls: For CSRs on DSA keys, don't add DSA parameters to the
** optional SignatureAlgorithm parameter field.
VeriSign rejected these CSRs. They are stricly speaking not needed
since you need the signer's certificate to verify the certificate
signature anyway. Reported by Wilankar Trupti
<trupti.wilankar@hp.com> and Boyan Kasarov <bkasarov@gmail.com>.
** libgnutls: When checking openpgp self signature also check the signatures
** of all subkeys.
Ilari Liusvaara noticed and reported the issue and provided test
vectors as well.
** libgnutls: Cleanups and several bug fixes.
Found by Steve Grubb and Tomas Mraz.
** Link libgcrypt explicitly to certtool, gnutls-cli, gnutls-serv.
** Fix --disable-valgrind-tests.
Reported by Ingmar Vanhassel in
<https://savannah.gnu.org/support/?107029>.
** examples: Use the new APIs for printing X.509 certificate information.
** Fix build failures on Solaris.
Thanks to Dagobert Michelsen <dam@opencsw.org>.
** i18n: Updated Czech, Dutch, French, Polish, Swedish and Vietnamese
** translations. Added Simplified Chinese translation.
** API and ABI modifications:
No changes since last version.
* Version 2.8.5 (released 2009-11-02)
** libgnutls: In server side when resuming a session do not overwrite the
** initial session data with the resumed session data.
** libgnutls: Fix PKCS#12 encoding.
The error you would get was "The OID is not supported.". Problem
introduced for the v2.8.x branch in 2.7.6.
** guile: Compatibility with guile 2.x.
By Ludovic Courtes <ludovic.courtes@laas.fr>.
** tests: Fix expired cert in chainverify self-test.
** tests: Fix time bomb in chainverify self-test.
Reported by Andreas Metzler <ametzler@downhill.at.eu.org> in
<http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3925>.
** API and ABI modifications:
No changes since last version.
* Version 2.8.4 (released 2009-09-18)
** libgnutls: Enable Camellia ciphers by default.
** libgnutls: Make OpenPGP hostname checking work again.
The patch to resolve the X.509 CN/SAN issue accidentally broken
OpenPGP hostname comparison.
** libgnutls: When printing X.509 certificates, handle XMPP SANs better.
Reported by Howard Chu <hyc@symas.com> in
<https://savannah.gnu.org/support/?106975>.
** API and ABI modifications:
No changes since last version.
CYGWIN-ANNOUNCE UNSUBSCRIBE INFO
================================
If you want to unsubscribe from the cygwin-announce mailing list, please
use the automated form at:
http://cygwin.com/lists.html#subscribe-unsubscribe
If this does not work, then look at the "List-Unsubscribe: " tag in the
email header of this message. Send email to the address specified
there. It will be in the format:
cygwin-announce-unsubscribe-you=yourdomain.com@cygwin.com
If you need more information on unsubscribing, start reading here:
http://sourceware.org/lists.html#unsubscribe-simple
Please read *all* of the information on unsubscribing that is available
starting at this URL.
More information about the Cygwin-announce
mailing list