| Name: | gnutls-dane |
|---|---|
| Version: | 3.3.8 |
| Release: | 14.el7_2 |
| Architecture: | i686 |
| Group: | System Environment/Libraries |
| Size: | 31704 |
| License: | GPLv3+ and LGPLv2+ |
| RPM: | gnutls-dane-3.3.8-14.el7_2.i686.rpm |
| Source RPM: | gnutls-3.3.8-14.el7_2.src.rpm |
| Build Date: | Thu Jan 07 2016 |
| Build Host: | x86-ol7-builder-02.us.oracle.com |
| Vendor: | Oracle America |
| URL: | http://www.gnutls.org/ |
| Summary: | A DANE protocol implementation for GnuTLS |
| Description: | GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and other required structures. This package contains library that implements the DANE protocol for verifying TLS certificates through DNSSEC. |
- Prevent downgrade attack to RSA-MD5 in server key exchange.
- Corrected reseed and respect of max_number_of_bits_per_request in FIPS140-2 mode. Also enhanced the initial tests. (#1228199)
- corrected fix of handshake buffer resets (#1153106)
- Applied fix for urandom FD in FIPS140 mode (#1165047) - Applied fix for FIPS140-2 related regression (#1110696)
- Amended fix for urandom FD to avoid regression in FIPS140 mode (#1165047)
- Amended fix for FIPS enforcement issue (#1163848) - Fixed issue with applications that close all file descriptors (#1165047)
- Applied fix for FIPS enforcement issue when only /etc/system-fips existed (#1163848)
- Applied fix for CVE-2014-8564 (#1161473)
- when generating test DH keys, enforce the q_bits.
- do not enforce FIPS140-2 policies in non-FIPS140 mode (#1154774)