The GNU Transport Layer Security Library
The GnuTLS project aims to develop a library that provides a secure
layer over a reliable transport layer. Currently the GnuTLS library
implements the proposed standards of the IETF's TLS working group.
- Download package
-
Checkout Package
osc -A https://api.opensuse.org checkout SUSE:SLE-15-SP2:GA/gnutls && cd $_
- Create Badge
Refresh
Refresh
Source Files
Latest Revision
Gustavo Yokoyama Ribeiro (gyribeiro)
committed
(revision 2)
Urgent fix for CVE-2020-13777 for SP2. - GNUTLS-SA-2020-06-03 (Fixed insecure session ticket key construction) The TLS server would not bind the session ticket encryption key with a value supplied by the application until the initial key rotation, allowing attacker to bypass authentication in TLS 1.3 and recover previous conversations in TLS 1.2 (#1011). (bsc#1172506, CVE-2020-13777) * add patches: + gnutls-CVE-2020-13777.patch - Fixed handling of certificate chain with cross-signed intermediate CA certificates (#1008). (bsc#1172461) * add patches: + 0001-_gnutls_verify_crt_status-apply-algorithm-checks-to-.patch + 0002-_gnutls_pkcs11_verify_crt_status-check-validity-agai.patch + 0003-x509-trigger-fallback-verification-path-when-cert-is.patch + 0004-tests-add-test-case-for-certificate-chain-supersedin.patch
Comments 0