[ol8_u4_security_validation] gnutls-devel-10:3.6.16-8.el8_9.1_fips.x86_64

Name:	gnutls-devel
Epoch:	10
Version:	3.6.16
Release:	8.el8_9.1_fips
Architecture:	x86_64
Group:	Development/Libraries
Size:	5011276
License:	GPLv3+ and LGPLv2+
RPM:	gnutls-devel-3.6.16-8.el8_9.1_fips.x86_64.rpm
Source RPM:	gnutls-3.6.16-8.el8_9.1_fips.src.rpm
Build Date:	Thu Feb 01 2024
Build Host:	build-ol8-x86_64.oracle.com
Vendor:	Oracle America
URL:	http://www.gnutls.org/
Summary:	Development files for the gnutls package
Description:	GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and other required structures. This package contains files needed for developing applications with the GnuTLS library.

Changelog (Show File list) (Show related packages)

Wed Jan 31 2024 Pooja Senthil Kumar <pooja.senthil.kumar@oracle.com> - 3.6.16-8.1_fips

- Allow RSA keygen with modulus sizes bigger than 3072 bits and validate the seed length
  as defined in FIPS 186-4 section B.3.2 [Orabug: 33200526]
- Allow bigger known RSA modulus sizes when calling
  rsa_generate_fips186_4_keypair directly [Orabug: 33200526]
- Change Epoch from 1 to 10

Mon Jan 22 2024 Daiki Ueno <dueno@redhat.com> - 3.6.16-8.1

- auth/rsa-psk: minimize branching after decryption (RHEL-21550)

Wed Dec 06 2023 Daiki Ueno <dueno@redhat.com> - 3.6.16-8

- auth/rsa_psk: side-step potential side-channel (RHEL-16754)

Mon Jun 26 2023 Daiki Ueno <dueno@redhat.com> - 3.6.16-7

- Clear server's session ticket indication at rehandshake (#2089817)

Thu Feb 23 2023 Zoltan Fridrich <zfridric@redhat.com> - 3.6.16-6

- Fix x86_64 CPU feature detection when AVX is not available (#2131152)
- Fix timing side-channel in TLS RSA key exchange (#2162598)

Mon Aug 29 2022 Daiki Ueno <dueno@redhat.com> - 3.6.16-5
```
- Fix double-free in gnutls_pkcs7_verify (#2109788)
```

Mon Jun 28 2021 Daiki Ueno <dueno@redhat.com> - 3.6.16-4

- p11tool: Document ID reuse behavior when importing certs (#1776250)

Mon Jun 07 2021 Daiki Ueno <dueno@redhat.com> - 3.6.16-3

- Treat SHA-1 signed CA in the trusted set differently (#1965445)

Wed May 26 2021 Daiki Ueno <dueno@redhat.com> - 3.6.16-2

- Filter certificate_types in TLS 1.2 CR based on signature algorithms (#1942216)

Mon May 24 2021 Daiki Ueno <dueno@redhat.com> - 3.6.16-1

- Update to upstream 3.6.16 release (#1956783)
- Fix potential use-after-free in key_share handling (#1927597)
- Fix potential use-after-free in pre_shared_key handling (#1927593)
- Stop gnutls-serv relying on AI_ADDRCONFIG to decide listening address (#1908334)
- Fix cert expiration issue in tests (#1908110)