| Name: | gnutls-dane |
|---|---|
| Version: | 3.6.16 |
| Release: | 8.el8_9.1 |
| Architecture: | x86_64 |
| Group: | System Environment/Libraries |
| Size: | 46248 |
| License: | GPLv3+ and LGPLv2+ |
| RPM: | gnutls-dane-3.6.16-8.el8_9.1.x86_64.rpm |
| Source RPM: | gnutls-3.6.16-8.el8_9.1.src.rpm |
| Build Date: | Wed Jan 31 2024 |
| Build Host: | build-ol8-x86_64.oracle.com |
| Vendor: | Oracle America |
| URL: | http://www.gnutls.org/ |
| Summary: | A DANE protocol implementation for GnuTLS |
| Description: | GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and other required structures. This package contains library that implements the DANE protocol for verifying TLS certificates through DNSSEC. |
- auth/rsa-psk: minimize branching after decryption (RHEL-21550)
- auth/rsa_psk: side-step potential side-channel (RHEL-16754)
- Clear server's session ticket indication at rehandshake (#2089817)
- Fix x86_64 CPU feature detection when AVX is not available (#2131152) - Fix timing side-channel in TLS RSA key exchange (#2162598)
- Fix double-free in gnutls_pkcs7_verify (#2109788)
- p11tool: Document ID reuse behavior when importing certs (#1776250)
- Treat SHA-1 signed CA in the trusted set differently (#1965445)
- Filter certificate_types in TLS 1.2 CR based on signature algorithms (#1942216)
- Update to upstream 3.6.16 release (#1956783) - Fix potential use-after-free in key_share handling (#1927597) - Fix potential use-after-free in pre_shared_key handling (#1927593) - Stop gnutls-serv relying on AI_ADDRCONFIG to decide listening address (#1908334) - Fix cert expiration issue in tests (#1908110)
- Port fixes for potential miscalculation in ecdsa_verify (#1942931)