File gnutls.changes of Package gnutls

-------------------------------------------------------------------
Tue Dec  9 18:43:57 CET 2008 - ro@suse.de

- remove ix86 from ifarch statement obsoleting 32bit package 

-------------------------------------------------------------------
Fri Nov 28 06:53:37 CET 2008 - jshi@suse.de

- fix security bug [bnc#441856]
  CVE-2008-4989

-------------------------------------------------------------------
Thu Oct 30 12:34:56 CET 2008 - olh@suse.de

- obsolete old -XXbit packages (bnc#437293)

-------------------------------------------------------------------
Sat Aug  2 10:28:21 CEST 2008 - meissner@suse.de

- run testsuite

-------------------------------------------------------------------
Thu Jul 17 15:27:42 CEST 2008 - mkoenig@suse.de

- update to version 2.4.1
  * libgnutls: Fix local crash in gnutls_handshake
  * libgnutls: Fix memory leaks when doing a re-handshake
  * Fix compiler warnings
  * Fix ordering of -I's to avoid opencdk.h conflict with
    system headers
  * srptool: Fix a problem where --verify check does not succeed
- remove C++ wrapper lib, it is not usable without SRP
- remove patch
  gnutls-1.6.1-srptool.patch

-------------------------------------------------------------------
Wed Jul  2 15:49:50 CEST 2008 - mkoenig@suse.de

- remove gnutls main package from baselibs.conf 

-------------------------------------------------------------------
Thu Jun 26 15:08:38 CEST 2008 - mkoenig@suse.de

- update to version 2.4.0
  * The OpenPGP sub-system has been improved and now supports subkeys
  * The PSK sub-system has been improved and now supports password
    derivation and PSK identity hints 
  * The certtool --inder and --outder has been replaced
    by --inraw and --outraw
  * New APIs to access the raw X.509 Subject and Issuer DN's and
    elements from the certificate credentials structure
  * New APIs to improve working with username/passwords and PSK
  * Names of constants to affect certificate printing changed
  * The function gnutls_openpgp_privkey_get_id has been renamed to
    gnutls_openpgp_privkey_get_key_id
  * API/ABI changes in GnuTLS 2.4
    All OpenPGP related functions have been moved from 
    libgnutls-extra to libgnutls, and several new functions have
    been added
- remove SRP functionality from C++ wrapper, otherwise it cannot
  be linked against it
- removed patches
  gnutls-2.2.2-uninitialized.patch
  gnutls-char-signedness.patch
  gnutls-GNUTLS_SA_2008_1.patch

-------------------------------------------------------------------
Mon Jun 23 10:53:20 CEST 2008 - mkoenig@suse.de

- disable SRP [bnc#65192] 

-------------------------------------------------------------------
Wed May 21 16:32:26 CEST 2008 - mkoenig@suse.de

- fix three security bugs [bnc#392947]
  CVE-2008-1948 GNUTLS-SA-2008-1-1
  Fix crash when sending invalid server name
  CVE-2008-1949 GNUTLS-SA-2008-1-2
  Fix crash when sending repeated client hellos
  CVE-2008-1950 GNUTLS-SA-2008-1-3
  Fix crash in cipher padding decoding for invalid record lengths

-------------------------------------------------------------------
Thu May  8 14:17:41 CEST 2008 - mkoenig@suse.de

- fix build 

-------------------------------------------------------------------
Tue Apr 29 17:43:46 CEST 2008 - cthiel@suse.de

- obsolete gnutls-<arch> via baselibs.conf  

-------------------------------------------------------------------
Thu Apr 10 12:54:45 CEST 2008 - ro@suse.de

- added baselibs.conf file to build xxbit packages
  for multilib support

-------------------------------------------------------------------
Thu Apr  3 17:40:32 CEST 2008 - mkoenig@suse.de

- update to version 2.2.2
  * Cipher priority string handling now handle strings that
    starts with NULL 
  * Corrected memory leaks in session resuming and DHE ciphersuites
  * Increased the default certificate verification chain limits and 
    allowed for checks without limitation
  * Corrected the behaviour of gnutls_x509_crt_get_subject_alt_name()
    and gnutls_x509_crt_get_subject_alt_name() to not null terminate
    binary strings and return the proper size

-------------------------------------------------------------------
Thu Jan 31 11:12:46 CET 2008 - mkoenig@suse.de

- update to version 2.2.1
  * Fixes the post_client_hello_function()
  * Fix for certificate selection in servers with certificate callbacks
  * certtool: Fixed data corruption when using --outder
  * TLS authorization support removed.
  * Corrected bug which did not allow a server to run without
    supporting certificates
  * Introduced gnutls_session_enable_compatibility_mode()
  * Added gnutls_record_disable_padding() to allow servers talking to
    buggy clients
  * Fixed PKCS #3 parameter export
  * Added support for Camellia cipher
  * certtool: Add option --quick-random
  * Added capability to set a callback after the client hello is
    received by the server in order to adjust parameters before
    the handshake
  * certtool: Fixed data corruption when using --outder
  * SRP was corrected to adhere to the latest draft
  * Updated the DN parser
  * Added support for DSA2 using libgcrypt 1.3.0
  * Removed all the trustdb code from openpgp authentication.
    We now use only the well-specified keyrings
  * The gnutls_certificate_set_openpgp_* functions were modified
    to include the format. This makes the interface consistent with
    the x509 functions
  * Introduced gnutls_session_enable_compatibility_mode()
  * Added gnutls_set_default_priority2()
  * Added priority functions that accept strings
  * certtool: Add option --disable-quick-random to enable the
    old behaviour of using /dev/random to generate keys
  * Added the --v1 option to certtool, to allow generating X.509
    version 1 certificates
  * Fix PKCS#3 parameter export problem
  * Fixed GNUTLS_E_UNKNOWN_ALGORITHM vs GNUTLS_E_UNKNOWN_HASH_ALGORITHM
  * gnutls_certificate_set_x509_key_* can now read PKCS #8 unencrypted
    private keys
  * Introduced the GNUTLS_E_BASE64_UNEXPECTED_HEADER_ERROR error code
  * Added the --to-p8 option to certtool to convert private keys
    to PKCS #8 keys
  * Corrected bug in decompression of expanded compression data
  * The gnutls_*_convert_priority() functions were deprecated
  * gnutls-cli and gnutls-serv now have a --priority option
  * PKCS #8 parser can now encode/decode DSA keys
  * Corrected a segfault when setting an empty gnutls_priority_t
    at gnutls_priority_set()
  * Added gnutls_x509_crt_get_subject_alt_name2()
  * The GPL version has been changed from version 2 to version 3.
    This affects the self-tests, command-line tools, the libgnutls-extra
    library, the relevant guile parts, and the build environment
- API and ABI modifications, library soname switch from 13 to 26
- change package structure:
  * branch off libgnutls-extra
    since this is now GPLv3 or later while libgnutls remains 
    LGPLv2.1 or later
  * gnutls license change to GPLv3
- build without lzo support to avoid license problems
  since lzo is currently GPLv2 only
- removed merged patches:
  gnutls-fix_size_t.patch

-------------------------------------------------------------------
Tue Oct 23 13:59:25 CEST 2007 - mkoenig@suse.de

- update to version 2.0.1
- change package layout to conform shlib policy:
  rename gnutls-devel -> libgnutls-devel
  new subpackage libgnutls13
- removed patches:
  gnutls-1.4.4-sign-callback.patch
  gnutls-1.6.1-compiler_warnings.patch

-------------------------------------------------------------------
Thu Aug 30 12:35:34 CEST 2007 - mkoenig@suse.de

- fix srptool [#208227] 
- fix some compiler warnings

-------------------------------------------------------------------
Fri Aug  3 13:54:37 CEST 2007 - hvogel@suse.de

- Some additions for evolution smart card support

-------------------------------------------------------------------
Thu May 10 17:21:59 CEST 2007 - mkoenig@suse.de

- Fix segfault on s390x [#97441] 
  gnutls-fix_size_t.patch

-------------------------------------------------------------------
Tue Jan 23 17:29:00 CET 2007 - mkoenig@suse.de

- update to new stable branch 1.6.1:
  * Fix the list of trusted CAs that server's send to clients.
  * Fix gnutls_certificate_set_x509_crl to initialize the CRL 
    before using it.
  * Encode UID fields in DN's as DirectoryString.
  * Fix ./configure failure with non-GCC compilers.
  * A GnuTLS C++ library is part of the official distribution.
  * New APIs for custom push/pull function error reporting.

-------------------------------------------------------------------
Tue Oct 24 19:08:36 CEST 2006 - mkoenig@suse.de

- move developer related docs to devel package and remove
  binary stuff from docs [#212454] 

-------------------------------------------------------------------
Tue Sep 19 11:06:39 CEST 2006 - mkoenig@suse.de

- update to version 1.4.4:
  * bugfix release
  * fixes security vulnerability [#206636] (CVE-2006-4790)

-------------------------------------------------------------------
Thu Aug 31 17:40:43 CEST 2006 - mkoenig@suse.de

- update to new stable branch 1.4.1:
  * The command line tools now use getaddrinfo and support IPv6.
  * gnutls-cli can now recognize services and port numbers with 
    the -p option.
  * Error messages are now translated using GNU Gettext.
  * GnuTLS now support TLS Inner application (TLS/IA).
  * API and ABI modifications:
    + Support for DHE-PSK cipher suites has been added.
    + Removed the RIPEMD ciphersuites.
    + Remove GnuTLS 0.8.x compatibility functions.
    + Support for TLS Pre-Shared Key (TLS-PSK) ciphersuites have 
      been added.
    + Certtool now generate keys in unencrypted PKCS#8 format for 
      empty passwords.
    + Certtool now accept --password for --key-info and encrypted 
      PKCS#8 keys.
    + gnutls_x509_privkey_import_pkcs8 now accept unencrypted 
      PEM PKCS#8 keys,
    + New function to set a X.509 private key and certificate 
      pairs, and/or CRLs, from an PKCS#12 file.
    + New APIs to acceess the client and server random fields in 
      a session.
    + New APIs to access the TLS Pseudo-Random-Function (PRF).
    + New API to access the TLS master secret.
    + The function gnutls_x509_crt_to_xml now return an internal 
      error.
  * Several bugfixes:
    + Corrected a bug in certtool for 64 bit machines.
    + Fix gnutls-cli STARTTLS hang when SIGINT is sent too quickly.
    + Fix crash in TLS resume code, caused by TLS/IA changes.
    + Corrected bugs in gnutls_certificate_set_x509_crl() and
      gnutls_certificate_set_x509_trust().
    + Fixed bug in non-blocking gnutls_bye().
    + Fix read of out bounds bug in DER parser.
    + Fixed bug in OpenPGP authentication handshake.

-------------------------------------------------------------------
Sat Feb 18 00:18:33 CET 2006 - ro@suse.de

- cleanup doc directory (.deps,.libs) 

-------------------------------------------------------------------
Fri Feb 10 13:01:55 CET 2006 - hvogel@suse.de

- Update to version 1.2.10. This release fixes several serious
  bugs that would make the DER decoder in libtasn1 crash on
  invalid input [#149897]. Including: 

  * Corrected a bug in certtool for 64 bit machines.

  * Fix gnutls-cli STARTTLS hang when SIGINT is sent too quickly

  * Corrected bugs in gnutls_certificate_set_x509_crl() and
    gnutls_certificate_set_x509_trust(), that caused memory
    corruption if more than one certificates were added.

  * Fixed bug in non-blocking gnutls_bye(). gnutls_record_send()
    will no longer invalidate a session if the underlying send
    fails, but it will prevent future writes.

-------------------------------------------------------------------
Wed Jan 25 21:36:17 CET 2006 - mls@suse.de

- converted neededforbuild to BuildRequires

-------------------------------------------------------------------
Tue Dec 20 15:04:31 CET 2005 - ro@suse.de

- do not package /usr/share/info/dir 

-------------------------------------------------------------------
Fri Dec  9 14:26:44 CET 2005 - hvogel@suse.de

- update to version 1.2.9

-------------------------------------------------------------------
Tue Oct 25 13:50:11 CEST 2005 - hvogel@suse.de

- update to version 1.2.8

-------------------------------------------------------------------
Mon Aug 22 12:12:39 CEST 2005 - hvogel@suse.de

- fix data type comparison [Bug #104617]

-------------------------------------------------------------------
Sun Jul  3 16:06:29 CEST 2005 - hvogel@suse.de

- update to version 1.2.5

-------------------------------------------------------------------
Wed Jun 29 10:30:02 CEST 2005 - hvogel@suse.de

- patch from mrueckert to use external lzo again

-------------------------------------------------------------------
Thu Jun 23 16:17:31 CEST 2005 - hvogel@suse.de

- use %install_info/%install_info_delete

-------------------------------------------------------------------
Tue Jun  7 12:50:53 CEST 2005 - hvogel@suse.de

- update to version 1.2.4

-------------------------------------------------------------------
Fri Jun  3 01:13:12 CEST 2005 - ro@suse.de

- fix specfile (don't apply non-existant patch1) 

-------------------------------------------------------------------
Thu Jun  2 18:03:17 CEST 2005 - hvogel@suse.de

- use included minilzo

-------------------------------------------------------------------
Wed May 25 13:09:39 CEST 2005 - hvogel@suse.de

- Update to version 1.2.3 (fixes gnutls DOS Bug #83481)
- Include defines.h before gnutls.h, to pull in config.h, to make
  sure memmem.h prototype memmem properly

-------------------------------------------------------------------
Sat Jan 29 23:42:13 CET 2005 - hvogel@suse.de

- Update to version 1.2.0

-------------------------------------------------------------------
Wed Jan 19 20:43:20 CET 2005 - hvogel@suse.de

- update to version 1.1.23
- get rid of prebuild html/ps docu again, the devel packages has
  man-pages now

-------------------------------------------------------------------
Mon Dec 13 20:07:38 CET 2004 - hvogel@suse.de

- update to version 1.0.23
- make build of postscript/html docu configureable

-------------------------------------------------------------------
Sat Oct 23 19:41:07 CEST 2004 - hvogel@suse.de

- move config script to the devel package 

-------------------------------------------------------------------
Thu Oct 14 17:08:56 CEST 2004 - hvogel@suse.de

- Update to version 1.0.21

-------------------------------------------------------------------
Tue Sep 28 18:04:28 CEST 2004 - hvogel@suse.de

- add doc subpackage with prebuild html/ps docu (Bug #44496)

-------------------------------------------------------------------
Mon Sep 27 14:38:19 CEST 2004 - hvogel@suse.de

- fix ac-quotation patch to include libgnutls-extra.m4 (Bug #46035)

-------------------------------------------------------------------
Tue Aug 31 14:13:40 CEST 2004 - kukuk@suse.de

- Update to version 1.0.20

-------------------------------------------------------------------
Mon Aug 30 14:22:43 CEST 2004 - kukuk@suse.de

- Add libopencdk-devel to neededforbuild

-------------------------------------------------------------------
Thu Jul 15 18:54:57 CEST 2004 - hvogel@suse.de

- add libgcrypt-devel and lipgpg-error-devel to nfb

-------------------------------------------------------------------
Wed May 19 14:58:13 CEST 2004 - hvogel@suse.de

- update to version 1.0.13 

-------------------------------------------------------------------
Fri May 14 08:48:26 CEST 2004 - mmj@suse.de

- Add C++ compiler to build
- Don't remove buildroot when installing

-------------------------------------------------------------------
Mon Mar  1 18:44:58 CET 2004 - hvogel@suse.de

- update to version 1.0.8 

-------------------------------------------------------------------
Tue Feb 17 15:57:15 CET 2004 - hvogel@suse.de

- update to version 1.0.6  
- fix autoconf quotations

-------------------------------------------------------------------
Wed May 14 18:31:12 CEST 2003 - schubi@suse.de

- initial; Sourcecode received from XIMIAN 

openSUSE Build Service is sponsored by