Fri, 22 Nov 2024 02:34:24 CET | login

Information for build gnutls-3.3.26-9.el7

ID1046
Package Namegnutls
Version3.3.26
Release9.el7
Epoch
SummaryA TLS protocol implementation
DescriptionGnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and other required structures.
Built bykojiadmin
State complete
Volume DEFAULT
StartedThu, 02 May 2019 20:19:58 CEST
CompletedThu, 02 May 2019 20:19:58 CEST
Tags
built-by-centos
centos-7.5
v8.0-base
v8.1-base
v8.2-base
RPMs
src
gnutls-3.3.26-9.el7.src.rpm (info) (download)
x86_64
gnutls-3.3.26-9.el7.x86_64.rpm (info) (download)
gnutls-c++-3.3.26-9.el7.x86_64.rpm (info) (download)
gnutls-dane-3.3.26-9.el7.x86_64.rpm (info) (download)
gnutls-devel-3.3.26-9.el7.x86_64.rpm (info) (download)
gnutls-utils-3.3.26-9.el7.x86_64.rpm (info) (download)
Changelog * Fri May 26 2017 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.26-9 - Address crash in OCSP status request extension, by eliminating the unneeded parsing (CVE-2017-7507, #1455828) * Wed Apr 26 2017 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.26-7 - Address interoperability issue with 3.5.x (#1388932) - Reject CAs which are both trusted and blacklisted in trust module (#1375303) - Added new functions to set issuer and subject ID in certificates (#1378373) - Reject connections with less than 1024-bit DH parameters (#1335931) - Fix issue that made GnuTLS parse only the first 32 extensions (#1383748) - Mention limitations of certtool in manpage (#1375463) - Read PKCS#8 files with HMAC-SHA256 -as generated by openssl 1.1 (#1380642) - Do not link directly to trousers but instead use dlopen (#1379739) - Fix incorrect OCSP validation (#1377569) - Added support for pin-value in PKCS#11 URIs (#1379283) - Added the --id option to p11tool (#1399232) - Improved sanity checks in RSA key generation (#1444780) - Addressed CVE-2017-5334, CVE-2017-5335, CVE-2017-5336, CVE-2017-5337, CVE-2017-7869 * Tue Jul 12 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.24-1 - Addressed issue with DSA public keys smaller than 2^1024 (#1238279) - Addressed two-byte buffer overflow in the DTLS-0.9 protocol (#1209365) - When writing certificates to smart cards write the CKA_ISSUER and CKA_SERIAL_NUMBER fields to allow NSS reading them (#1272179) - Use the shared system certificate store (#1110750) - Address MD5 transcript collision attacks in TLS key exchange (#1289888, CVE-2015-7575) - Allow hashing data over 2^32 bytes (#1306953) - Ensure written PKCS#11 public keys are not marked as private (#1339453) - Ensure secure_getenv() is called on all uses of environment variables (#1344591). - Fix issues related to PKCS #11 private key listing on certain HSMs (#1351389) * Fri Jun 05 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.8-13 - Corrected reseed and respect of max_number_of_bits_per_request in FIPS140-2 mode. Also enhanced the initial tests. (#1228199) * Mon Jan 05 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.8-12 - corrected fix of handshake buffer resets (#1153106) * Thu Dec 11 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.8-11 - Applied fix for urandom FD in FIPS140 mode (#1165047) - Applied fix for FIPS140-2 related regression (#1110696) * Tue Dec 02 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.8-10 - Amended fix for urandom FD to avoid regression in FIPS140 mode (#1165047) * Tue Nov 18 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.8-9 - Amended fix for FIPS enforcement issue (#1163848) - Fixed issue with applications that close all file descriptors (#1165047) * Thu Nov 13 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.8-8 - Applied fix for FIPS enforcement issue when only /etc/system-fips existed (#1163848) * Fri Nov 07 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.8-7 - Applied fix for CVE-2014-8564 (#1161473) * Wed Oct 29 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.8-6 - when generating test DH keys, enforce the q_bits. * Tue Oct 21 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.8-5 - do not enforce FIPS140-2 policies in non-FIPS140 mode (#1154774) * Thu Oct 16 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.8-4 - reverted change to use the p11-kit certificate storage (#1110750) - added functions to test DH/ECDH in FIPS-140-2 mode and fixed RSA key generation (#1110696) - added manual dependencies on libtasn1 3.8 as well as p11-kit 0.20.7 - fixed SHA224 in SSSE3 optimized code - fixed issue with handshake buffer resets (#1153106) - fixed issue in RSA key generation with specific seeds in FIPS140-2 mode * Wed Oct 01 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.8-3 - added dependency on libtasn1 3.8 (#1110696) * Thu Sep 18 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.8-2 - disabled padlock CPU support in FIPS140-2 mode * Thu Sep 18 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.8-1 - updated to latest stable release * Fri Sep 05 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.8-1.b2 - updated with latest bug fixes for 3.3.x branch - delete bundled files * Thu Sep 04 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.8b1-1 - updated with latest bug fixes for 3.3.x branch * Fri Aug 22 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.7-1 - new upstream release (#1110696) - allow DSA/DH key generation with 1024 when not in FIPS140-2 mode (#1132705) * Fri Aug 15 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.7b1-1 - updated with latest bug fixes for 3.3.x branch - utilize the p11-kit trust store (#1110750) * Tue Jul 29 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.6-2 - correct path of fipscheck links * Wed Jul 23 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.6-1 - rebased to 3.3.6 and enabled fips mode (#1110696) * Wed May 28 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.1.18-9 - fix session ID length check (#1102027) - fixes null pointer dereference (#1101727) * Tue Feb 25 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.1.18-8 - fixes CVE-2014-0092 (#1071815) * Fri Feb 14 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.1.18-7 - fixes CVE-2014-1959 * Fri Jan 24 2014 Daniel Mach <dmach@redhat.com> - 3.1.18-6 - Mass rebuild 2014-01-24 * Tue Jan 14 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.1.18-5 - Fixed issue with gnutls.info not being available (#1053487) * Tue Jan 14 2014 Tomáš Mráz <tmraz@redhat.com> 3.1.18-4 - build the crywrap tool * Thu Jan 02 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.1.18-3 - fixes crash in gnutls_global_deinit (#1047037) * Fri Dec 27 2013 Daniel Mach <dmach@redhat.com> - 3.1.18-2 - Mass rebuild 2013-12-27 * Mon Dec 23 2013 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.1.18-1 - new upstream release (#1040886) - Use the correct root key for unbound * Tue Nov 05 2013 Tomáš Mráz <tmraz@redhat.com> 3.1.16-1 - new upstream release - fixes CVE-2013-4466 off-by-one in dane_query_tlsa() * Tue Oct 29 2013 Tomáš Mráz <tmraz@redhat.com> 3.1.15-1 - new upstream release - fixes CVE-2013-4466 buffer overflow in handling DANE entries * Mon Jul 15 2013 Tomáš Mráz <tmraz@redhat.com> 3.1.13-1 - new upstream release * Thu May 23 2013 Tomáš Mráz <tmraz@redhat.com> 3.1.11-1 - new upstream release - enable ECC NIST Suite B curves * Mon Mar 25 2013 Tomas Mraz <tmraz@redhat.com> 3.1.10-1 - new upstream release - license of the library is back to LGPLv2.1+ * Fri Mar 15 2013 Tomas Mraz <tmraz@redhat.com> 3.1.9-1 - new upstream release * Thu Mar 07 2013 Tomas Mraz <tmraz@redhat.com> 3.1.8-3 - drop the temporary old library * Tue Feb 26 2013 Tomas Mraz <tmraz@redhat.com> 3.1.8-2 - don't send ECC algos as supported (#913797) * Thu Feb 21 2013 Tomas Mraz <tmraz@redhat.com> 3.1.8-1 - new upstream version * Wed Feb 06 2013 Tomas Mraz <tmraz@redhat.com> 3.1.7-1 - new upstream version, requires rebuild of dependencies - this release temporarily includes old compatibility .so * Tue Feb 05 2013 Tomas Mraz <tmraz@redhat.com> 2.12.22-2 - rebuilt with new libtasn1 - make guile bindings optional - breaks i686 build and there is no dependent package * Tue Jan 08 2013 Tomas Mraz <tmraz@redhat.com> 2.12.22-1 - new upstream version * Wed Nov 28 2012 Tomas Mraz <tmraz@redhat.com> 2.12.21-2 - use RSA bit sizes supported by libgcrypt in FIPS mode for security levels (#879643) * Fri Nov 09 2012 Tomas Mraz <tmraz@redhat.com> 2.12.21-1 - new upstream version * Thu Nov 01 2012 Tomas Mraz <tmraz@redhat.com> 2.12.20-4 - negotiate only FIPS approved algorithms in the FIPS mode (#871826) * Wed Aug 08 2012 Tomas Mraz <tmraz@redhat.com> 2.12.20-3 - fix the gnutls-cli-debug manpage - patch by Peter Schiffer * Thu Jul 19 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.12.20-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild * Mon Jun 18 2012 Tomas Mraz <tmraz@redhat.com> 2.12.20-1 - new upstream version * Fri May 18 2012 Tomas Mraz <tmraz@redhat.com> 2.12.19-1 - new upstream version * Thu Mar 29 2012 Tomas Mraz <tmraz@redhat.com> 2.12.18-1 - new upstream version * Thu Mar 08 2012 Tomas Mraz <tmraz@redhat.com> 2.12.17-1 - new upstream version - fix leaks in key generation (#796302) * Fri Feb 03 2012 Kevin Fenzi <kevin@scrye.com> - 2.12.14-3 - Disable largefile on arm arch. (#787287) * Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.12.14-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild * Tue Nov 08 2011 Tomas Mraz <tmraz@redhat.com> 2.12.14-1 - new upstream version * Mon Oct 24 2011 Tomas Mraz <tmraz@redhat.com> 2.12.12-1 - new upstream version * Thu Sep 29 2011 Tomas Mraz <tmraz@redhat.com> 2.12.11-1 - new upstream version * Fri Aug 26 2011 Tomas Mraz <tmraz@redhat.com> 2.12.9-1 - new upstream version * Tue Aug 16 2011 Tomas Mraz <tmraz@redhat.com> 2.12.8-1 - new upstream version * Mon Jul 25 2011 Tomas Mraz <tmraz@redhat.com> 2.12.7-2 - fix problem when using new libgcrypt - split libgnutlsxx to a subpackage (#455146) - drop libgnutls-openssl (#460310) * Tue Jun 21 2011 Tomas Mraz <tmraz@redhat.com> 2.12.7-1 - new upstream version * Mon May 09 2011 Tomas Mraz <tmraz@redhat.com> 2.12.4-1 - new upstream version * Tue Apr 26 2011 Tomas Mraz <tmraz@redhat.com> 2.12.3-1 - new upstream version * Mon Apr 18 2011 Tomas Mraz <tmraz@redhat.com> 2.12.2-1 - new upstream version * Thu Mar 03 2011 Tomas Mraz <tmraz@redhat.com> 2.10.5-1 - new upstream version * Tue Feb 08 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.10.4-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild * Wed Dec 08 2010 Tomas Mraz <tmraz@redhat.com> 2.10.4-1 - new upstream version * Thu Dec 02 2010 Tomas Mraz <tmraz@redhat.com> 2.10.3-2 - fix buffer overflow in gnutls-serv (#659259) * Fri Nov 19 2010 Tomas Mraz <tmraz@redhat.com> 2.10.3-1 - new upstream version * Thu Sep 30 2010 Tomas Mraz <tmraz@redhat.com> 2.10.2-1 - new upstream version * Wed Sep 29 2010 jkeating - 2.10.1-4 - Rebuilt for gcc bug 634757 * Thu Sep 23 2010 Tomas Mraz <tmraz@redhat.com> 2.10.1-3 - more patching for internal errors regression (#629858) patch by Vivek Dasmohapatra * Tue Sep 21 2010 Tomas Mraz <tmraz@redhat.com> 2.10.1-2 - backported patch from upstream git hopefully fixing internal errors (#629858) * Wed Aug 04 2010 Tomas Mraz <tmraz@redhat.com> 2.10.1-1 - new upstream version * Wed Jun 02 2010 Tomas Mraz <tmraz@redhat.com> 2.8.6-2 - add support for safe renegotiation CVE-2009-3555 (#533125) * Wed May 12 2010 Tomas Mraz <tmraz@redhat.com> 2.8.6-1 - upgrade to a new upstream version * Mon Feb 15 2010 Rex Dieter <rdieter@fedoraproject.org> 2.8.5-4 - FTBFS gnutls-2.8.5-3.fc13: ImplicitDSOLinking (#564624) * Thu Jan 28 2010 Tomas Mraz <tmraz@redhat.com> 2.8.5-3 - drop superfluous rpath from binaries - do not call autoreconf during build - specify the license on utils subpackage * Mon Jan 18 2010 Tomas Mraz <tmraz@redhat.com> 2.8.5-2 - do not create static libraries (#556052) * Mon Nov 02 2009 Tomas Mraz <tmraz@redhat.com> 2.8.5-1 - upgrade to a new upstream version * Wed Sep 23 2009 Tomas Mraz <tmraz@redhat.com> 2.8.4-1 - upgrade to a new upstream version * Fri Aug 14 2009 Tomas Mraz <tmraz@redhat.com> 2.8.3-1 - upgrade to a new upstream version * Fri Jul 24 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.8.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild * Wed Jun 10 2009 Tomas Mraz <tmraz@redhat.com> 2.8.1-1 - upgrade to a new upstream version * Wed Jun 03 2009 Tomas Mraz <tmraz@redhat.com> 2.8.0-1 - upgrade to a new upstream version * Mon May 04 2009 Tomas Mraz <tmraz@redhat.com> 2.6.6-1 - upgrade to a new upstream version - security fixes * Tue Apr 14 2009 Tomas Mraz <tmraz@redhat.com> 2.6.5-1 - upgrade to a new upstream version, minor bugfixes only * Fri Mar 06 2009 Tomas Mraz <tmraz@redhat.com> 2.6.4-1 - upgrade to a new upstream version * Tue Feb 24 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.6.3-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild * Mon Dec 15 2008 Tomas Mraz <tmraz@redhat.com> 2.6.3-1 - upgrade to a new upstream version * Thu Dec 04 2008 Tomas Mraz <tmraz@redhat.com> 2.6.2-1 - upgrade to a new upstream version * Tue Nov 11 2008 Tomas Mraz <tmraz@redhat.com> 2.4.2-3 - fix chain verification issue CVE-2008-4989 (#470079) * Thu Sep 25 2008 Tomas Mraz <tmraz@redhat.com> 2.4.2-2 - add guile subpackage (#463735) - force new libtool through autoreconf to drop unnecessary rpaths * Tue Sep 23 2008 Tomas Mraz <tmraz@redhat.com> 2.4.2-1 - new upstream version * Tue Jul 01 2008 Tomas Mraz <tmraz@redhat.com> 2.4.1-1 - new upstream version - correct the license tag - explicit --with-included-opencdk not needed - use external lzo library, internal not included anymore * Tue Jun 24 2008 Tomas Mraz <tmraz@redhat.com> 2.4.0-1 - upgrade to latest upstream * Tue May 20 2008 Tomas Mraz <tmraz@redhat.com> 2.0.4-3 - fix three security issues in gnutls handshake - GNUTLS-SA-2008-1 (#447461, #447462, #447463) * Mon Feb 04 2008 Joe Orton <jorton@redhat.com> 2.0.4-2 - use system libtasn1 * Tue Dec 04 2007 Tomas Mraz <tmraz@redhat.com> 2.0.4-1 - upgrade to latest upstream * Tue Aug 21 2007 Tomas Mraz <tmraz@redhat.com> 1.6.3-2 - license tag fix * Wed Jun 06 2007 Tomas Mraz <tmraz@redhat.com> 1.6.3-1 - upgrade to latest upstream (#232445) * Tue Apr 10 2007 Tomas Mraz <tmraz@redhat.com> 1.4.5-2 - properly require install-info (patch by Ville Skyttä) - standard buildroot and use dist tag - add COPYING and README to doc * Wed Feb 07 2007 Tomas Mraz <tmraz@redhat.com> 1.4.5-1 - new upstream version - drop libtermcap-devel from buildrequires * Thu Sep 14 2006 Tomas Mraz <tmraz@redhat.com> 1.4.1-2 - detect forged signatures - CVE-2006-4790 (#206411), patch from upstream * Tue Jul 18 2006 Tomas Mraz <tmraz@redhat.com> - 1.4.1-1 - upgrade to new upstream version, only minor changes * Wed Jul 12 2006 Jesse Keating <jkeating@redhat.com> - 1.4.0-1.1 - rebuild * Wed Jun 14 2006 Tomas Mraz <tmraz@redhat.com> - 1.4.0-1 - upgrade to new upstream version (#192070), rebuild of dependent packages required * Tue May 16 2006 Tomas Mraz <tmraz@redhat.com> - 1.2.10-2 - added missing buildrequires * Mon Feb 13 2006 Tomas Mraz <tmraz@redhat.com> - 1.2.10-1 - updated to new version (fixes CVE-2006-0645) * Fri Feb 10 2006 Jesse Keating <jkeating@redhat.com> - 1.2.9-3.2 - bump again for double-long bug on ppc(64) * Tue Feb 07 2006 Jesse Keating <jkeating@redhat.com> - 1.2.9-3.1 - rebuilt for new gcc4.1 snapshot and glibc changes * Tue Jan 03 2006 Jesse Keating <jkeating@redhat.com> 1.2.9-3 - rebuilt * Fri Dec 09 2005 Tomas Mraz <tmraz@redhat.com> 1.2.9-2 - replaced *-config scripts with calls to pkg-config to solve multilib conflicts * Wed Nov 23 2005 Tomas Mraz <tmraz@redhat.com> 1.2.9-1 - upgrade to newest upstream - removed .la files (#172635) * Sun Aug 07 2005 Tomas Mraz <tmraz@redhat.com> 1.2.6-1 - upgrade to newest upstream (rebuild of dependencies necessary) * Mon Jul 04 2005 Tomas Mraz <tmraz@redhat.com> 1.0.25-2 - split the command line tools to utils subpackage * Sat Apr 30 2005 Tomas Mraz <tmraz@redhat.com> 1.0.25-1 - new upstream version fixes potential DOS attack * Sat Apr 23 2005 Tomas Mraz <tmraz@redhat.com> 1.0.24-2 - readd the version script dropped by upstream * Fri Apr 22 2005 Tomas Mraz <tmraz@redhat.com> 1.0.24-1 - update to the latest upstream version on the 1.0 branch * Wed Mar 02 2005 Warren Togami <wtogami@redhat.com> 1.0.20-6 - gcc4 rebuild * Tue Jan 04 2005 Ivana Varekova <varekova@redhat.com> 1.0.20-5 - add gnutls Requires zlib-devel (#144069) * Mon Nov 08 2004 Colin Walters <walters@redhat.com> 1.0.20-4 - Make gnutls-devel Require libgcrypt-devel * Tue Sep 21 2004 Jeff Johnson <jbj@redhat.com> 1.0.20-3 - rebuild with release++, otherwise unchanged. * Tue Sep 07 2004 Jeff Johnson <jbj@redhat.com> 1.0.20-2 - patent tainted SRP code removed. * Sun Sep 05 2004 Jeff Johnson <jbj@redhat.com> 1.0.20-1 - update to 1.0.20. - add --with-included-opencdk --with-included-libtasn1 - add --with-included-libcfg --with-included-lzo - add --disable-srp-authentication. - do "make check" after build. * Fri Mar 21 2003 Jeff Johnson <jbj@redhat.com> 0.9.2-1 - upgrade to 0.9.2 * Tue Jun 25 2002 Jeff Johnson <jbj@redhat.com> 0.4.4-1 - update to 0.4.4. * Fri Jun 21 2002 Tim Powers <timp@redhat.com> - automated rebuild * Sat May 25 2002 Jeff Johnson <jbj@redhat.com> 0.4.3-1 - update to 0.4.3. * Tue May 21 2002 Jeff Johnson <jbj@redhat.com> 0.4.2-1 - update to 0.4.2. - change license to LGPL. - include splint annotations patch. * Tue Apr 02 2002 Nalin Dahyabhai <nalin@redhat.com> 0.4.0-1 - update to 0.4.0 * Thu Jan 17 2002 Nalin Dahyabhai <nalin@redhat.com> 0.3.2-1 - update to 0.3.2 * Thu Jan 10 2002 Nalin Dahyabhai <nalin@redhat.com> 0.3.0-1 - add a URL * Thu Dec 20 2001 Nalin Dahyabhai <nalin@redhat.com> - initial package