git.ipfire.org Git - ipfire-2.x.git/commit

author	Adolf Belka <adolf.belka@ipfire.org>
	Mon, 3 Jun 2024 14:47:29 +0000 (16:47 +0200)
committer	Michael Tremer <michael.tremer@ipfire.org>
	Tue, 2 Jul 2024 09:05:03 +0000 (09:05 +0000)
commit	fe3c0962f49af44b9c1448b6fae71099af288224
tree	b3e53dc32cccc9c05a2e43769a28245ce1b327a7	tree
parent	06e9de836c6770d8bdd67aefab73985f63ac7bb0	commit \| diff

gnutls: Update to version 3.8.5

- Update from version 3.8.3 to 3.8.5
- Update of rootfile
- Changelog
    3.8.5
** libgnutls: Due to majority of usages and implementations of
   RSA decryption with PKCS#1 v1.5 padding being incorrect,
   leaving them vulnerable to Marvin attack, the RSAES-PKCS1-v1_5
   is being deprecated (encryption and decryption) and will be
   disabled in the future. A new option `allow-rsa-pkcs1-encrypt`
   has been added into the system-wide library configuration which
   allows to enable/disable the RSAES-PKCS1-v1_5. Currently, the
   RSAES-PKCS1-v1_5 is enabled by default.
** libgnutls: Added support for RIPEMD160 and PBES1-DES-SHA1 for
   backward compatibility with GCR.
** libgnutls: A couple of memory related issues have been fixed in RSA PKCS#1
   v1.5 decryption error handling and deterministic ECDSA with earlier
   versions of GMP.  These were a regression introduced in the 3.8.4
   release. See #1535 and !1827.
** build: Fixed a bug where building gnutls statically failed due
   to a duplicate definition of nettle_rsa_compute_root_tr().
** API and ABI modifications:
GNUTLS_PKCS_PBES1_DES_SHA1: New enum member of gnutls_pkcs_encrypt_flags_t

Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

config/rootfiles/common/gnutls		diff \| blob \| blame \| history
lfs/gnutls		diff \| blob \| blame \| history