[ol7_latest_archive] gnutls-dane-3.3.24-1.el7.i686

Name:	gnutls-dane
Version:	3.3.24
Release:	1.el7
Architecture:	i686
Group:	System Environment/Libraries
Size:	31700
License:	GPLv3+ and LGPLv2+
RPM:	gnutls-dane-3.3.24-1.el7.i686.rpm
Source RPM:	gnutls-3.3.24-1.el7.src.rpm
Build Date:	Fri Sep 02 2016
Build Host:	x86-ol7-builder-01.us.oracle.com
Vendor:	Oracle America
URL:	http://www.gnutls.org/
Summary:	A DANE protocol implementation for GnuTLS
Description:	GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and other required structures. This package contains library that implements the DANE protocol for verifying TLS certificates through DNSSEC.

Changelog (Show File list) (Show related packages)

Tue Jul 12 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.24-1

- Addressed issue with DSA public keys smaller than 2^1024 (#1238279)
- Addressed two-byte buffer overflow in the DTLS-0.9 protocol (#1209365)
- When writing certificates to smart cards write the CKA_ISSUER and
  CKA_SERIAL_NUMBER fields to allow NSS reading them (#1272179)
- Use the shared system certificate store (#1110750)
- Address MD5 transcript collision attacks in TLS key exchange (#1289888, 
  CVE-2015-7575)
- Allow hashing data over 2^32 bytes (#1306953)
- Ensure written PKCS#11 public keys are not marked as private (#1339453)
- Ensure secure_getenv() is called on all uses of environment variables
  (#1344591).
- Fix issues related to PKCS #11 private key listing on certain HSMs
  (#1351389)

Fri Jun 05 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.8-13

- Corrected reseed and respect of max_number_of_bits_per_request in 
  FIPS140-2 mode. Also enhanced the initial tests. (#1228199)

Mon Jan 05 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.8-12
```
- corrected fix of handshake buffer resets (#1153106)
```

Thu Dec 11 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.8-11

- Applied fix for urandom FD in FIPS140 mode (#1165047)
- Applied fix for FIPS140-2 related regression (#1110696)

Tue Dec 02 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.8-10

- Amended fix for urandom FD to avoid regression in FIPS140 mode (#1165047)

Tue Nov 18 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.8-9

- Amended fix for FIPS enforcement issue (#1163848)
- Fixed issue with applications that close all file descriptors (#1165047)

Thu Nov 13 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.8-8

- Applied fix for FIPS enforcement issue when only /etc/system-fips
  existed (#1163848)

Fri Nov 07 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.8-7
```
- Applied fix for CVE-2014-8564 (#1161473)
```
Wed Oct 29 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.8-6
```
- when generating test DH keys, enforce the q_bits.
```

Tue Oct 21 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.8-5

- do not enforce FIPS140-2 policies in non-FIPS140 mode (#1154774)