pkgsrc/security/gnutls
leot ed5c9b571c gnutls: Update to 3.6.15
Changes:
3.6.15
------
** libgnutls: Fixed "no_renegotiation" alert handling at incorrect timing.
   The server sending a "no_renegotiation" alert in an unexpected timing,
   followed by an invalid second handshake was able to cause a TLS 1.3 client to
   crash via a null-pointer dereference. The crash happens in the application's
   error handling path, where the gnutls_deinit function is called after
   detecting a handshake failure (#1071).  [GNUTLS-SA-2020-09-04, CVSS: medium]

** libgnutls: If FIPS self-tests are failed, gnutls_fips140_mode_enabled() now
   indicates that with a false return value (!1306).

** libgnutls: Under FIPS mode, the generated ECDH/DH public keys are checked
   accordingly to SP800-56A rev 3 (!1295, !1299).

** libgnutls: gnutls_x509_crt_export2() now returns 0 upon success, rather than
   the size of the internal base64 blob (#1025). The new behavior aligns to the
   existing documentation.

** libgnutls: Certificate verification failue due to OCSP must-stapling is not
   honered is now correctly marked with the GNUTLS_CERT_INVALID flag
   (!1317). The new behavior aligns to the existing documentation.

** libgnutls: The audit log message for weak hashes is no longer printed twice
   (!1301).

** libgnutls: Fixed version negotiation when TLS 1.3 is enabled and TLS 1.2 is
   disabled in the priority string. Previously, even when TLS 1.2 is explicitly
   disabled with "-VERS-TLS1.2", the server still offered TLS 1.2 if TLS 1.3 is
   enabled (#1054).

** API and ABI modifications:
No changes since last version.
2020-09-07 15:47:15 +00:00
..
patches gnutls: updated to 3.6.13 2020-04-01 08:24:07 +00:00
buildlink3.mk gnutls: fix detection of build options 2020-06-09 09:53:11 +00:00
DESCR
distinfo gnutls: Update to 3.6.15 2020-09-07 15:47:15 +00:00
libgnutls-config.mk
Makefile gnutls: Update to 3.6.15 2020-09-07 15:47:15 +00:00
options.mk security/gnutls: revbump, add support for building guile bindings 2020-05-14 14:30:02 +00:00
PLIST gnutls: Update to 3.6.14 2020-06-08 19:48:14 +00:00
PLIST.dane gnutls: Update to 3.6.10 2019-10-04 17:25:53 +00:00
PLIST.guile security/gnutls: revbump, add support for building guile bindings 2020-05-14 14:30:02 +00:00