Sophie

• Search
• Distribution
• Explorer
• Source & Patches
• Chat
• Help
• About

distrib > CentOS > 5 > i386 > by-pkgid > 35553b47a57f47192c77ab6c044c4b85 > changelog

gnutls-utils-1.4.1-16.el5_10.i386.rpm

• Info
• Deps
• Files
• Scripts
• ChangeLog
• Location
• Others versions
• Analyse

• Fri May 30 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 1.4.1-16

  - added missing check for null pointer (#1102355)

• Thu May 29 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 1.4.1-15

  - fix session ID length check and null pointer dereference (#1102355)
  - fix minitasn1 issues (#1102355)
  - Renamed gnutls-1.4.1-cve-2014-5138.patch to cve-2009-5138.patch

• Thu Feb 27 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 1.4.1-14

  - Renamed gnutls-1.4.1-cve-2014-0092-1.patch to cve-2014-5138.patch
  - Renamed gnutls-1.4.1-cve-2014-0092-2.patch to cve-2014-0092.patch

• Wed Feb 26 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 1.4.1-13

  - fix issues of CVE-2014-0092 (#1069888)

• Mon May 27 2013 Tomas Mraz <tmraz@redhat.com> 1.4.1-12

  - fix CVE-2013-2116 - fix DoS regression in CVE-2013-1619
  upstream patch (#966754)

• Thu Feb 21 2013 Tomas Mraz <tmraz@redhat.com> 1.4.1-11

  - fix CVE-2013-1619 - fix TLS-CBC timing attack (#908238)

• Wed Jun 6 2012 Tomas Mraz <tmraz@redhat.com> 1.4.1-10

  - do not generate invalid certificate requests without challenge password
  - store subject DN instead of issuer DN in the CA list

• Thu Mar 22 2012 Tomas Mraz <tmraz@redhat.com> 1.4.1-9

  - fix CVE-2011-4128 - buffer overflow in gnutls_session_get_data() (#752308)
  - fix CVE-2012-1569 - missing length check when decoding DER lengths (#804920)
  - fix CVE-2012-1573 - security issue in packet parsing (#805432)

• Wed Feb 8 2012 Tomas Mraz <tmraz@redhat.com> 1.4.1-8

  - fix multiple possible NULL dereferences and other problems
  that can potentially lead to segfault in the client

• Tue Mar 9 2010 Tomas Mraz <tmraz@redhat.com> 1.4.1-7

  - fix safe renegotiation on SSL3 protocol

• Wed Mar 3 2010 Tomas Mraz <tmraz@redhat.com> 1.4.1-6

  - implement safe renegotiation - CVE-2009-3555 (#533125)
  - do not allow MD2 in certificate signatures by default - CVE-2009-2409
  (#510197)

• Fri Aug 14 2009 Tomas Mraz <tmraz@redhat.com> 1.4.1-5

  - fix NUL characters in DN and SAN cert fields issue,
  make sure gnutls_x509_crt_check_hostname() fails when certificate
  has no CN or SAN CVE-2009-2730 (#516231)

• Tue Nov 11 2008 Tomas Mraz <tmraz@redhat.com> 1.4.1-4

  - fix chain verification issue CVE-2008-4989 (#470079)

• Tue May 20 2008 Tomas Mraz <tmraz@redhat.com> 1.4.1-3

  - fix three security issues in gnutls handshake - GNUTLS-SA-2008-1
  (#447461, #447462, #447463)

• Thu Sep 14 2006 Tomas Mraz <tmraz@redhat.com> 1.4.1-2

  - detect forged signatures - CVE-2006-4790 (#206411), patch
  from upstream

• Tue Jul 18 2006 Tomas Mraz <tmraz@redhat.com> - 1.4.1-1

  - upgrade to new upstream version, only minor changes

• Wed Jul 12 2006 Jesse Keating <jkeating@redhat.com> - 1.4.0-1.1

  - rebuild

• Wed Jun 14 2006 Tomas Mraz <tmraz@redhat.com> - 1.4.0-1

  - upgrade to new upstream version (#192070), rebuild
  of dependent packages required

• Tue May 16 2006 Tomas Mraz <tmraz@redhat.com> - 1.2.10-2

  - added missing buildrequires

• Mon Feb 13 2006 Tomas Mraz <tmraz@redhat.com> - 1.2.10-1

  - updated to new version (fixes CVE-2006-0645)

• Fri Feb 10 2006 Jesse Keating <jkeating@redhat.com> - 1.2.9-3.2

  - bump again for double-long bug on ppc(64)

• Tue Feb 7 2006 Jesse Keating <jkeating@redhat.com> - 1.2.9-3.1

  - rebuilt for new gcc4.1 snapshot and glibc changes

• Tue Jan 3 2006 Jesse Keating <jkeating@redhat.com> 1.2.9-3

  - rebuilt

• Fri Dec 9 2005 Tomas Mraz <tmraz@redhat.com> 1.2.9-2

  - replaced *-config scripts with calls to pkg-config to
  solve multilib conflicts

• Wed Nov 23 2005 Tomas Mraz <tmraz@redhat.com> 1.2.9-1

  - upgrade to newest upstream
  - removed .la files (#172635)

• Sun Aug 7 2005 Tomas Mraz <tmraz@redhat.com> 1.2.6-1

  - upgrade to newest upstream (rebuild of dependencies necessary)

• Mon Jul 4 2005 Tomas Mraz <tmraz@redhat.com> 1.0.25-2

  - split the command line tools to utils subpackage

• Sat Apr 30 2005 Tomas Mraz <tmraz@redhat.com> 1.0.25-1

  - new upstream version fixes potential DOS attack

• Sat Apr 23 2005 Tomas Mraz <tmraz@redhat.com> 1.0.24-2

  - readd the version script dropped by upstream

• Fri Apr 22 2005 Tomas Mraz <tmraz@redhat.com> 1.0.24-1

  - update to the latest upstream version on the 1.0 branch

• Wed Mar 2 2005 Warren Togami <wtogami@redhat.com> 1.0.20-6

  - gcc4 rebuild

• Tue Jan 4 2005 Ivana Varekova <varekova@redhat.com> 1.0.20-5

  - add gnutls Requires zlib-devel (#144069)

• Mon Nov 8 2004 Colin Walters <walters@redhat.com> 1.0.20-4

  - Make gnutls-devel Require libgcrypt-devel

• Tue Sep 21 2004 Jeff Johnson <jbj@redhat.com> 1.0.20-3

  - rebuild with release++, otherwise unchanged.

• Tue Sep 7 2004 Jeff Johnson <jbj@redhat.com> 1.0.20-2

  - patent tainted SRP code removed.

• Sun Sep 5 2004 Jeff Johnson <jbj@redhat.com> 1.0.20-1

  - update to 1.0.20.
  - add --with-included-opencdk --with-included-libtasn1
  - add --with-included-libcfg --with-included-lzo
  - add --disable-srp-authentication.
  - do "make check" after build.

• Fri Mar 21 2003 Jeff Johnson <jbj@redhat.com> 0.9.2-1

  - upgrade to 0.9.2

• Tue Jun 25 2002 Jeff Johnson <jbj@redhat.com> 0.4.4-1

  - update to 0.4.4.

• Fri Jun 21 2002 Tim Powers <timp@redhat.com>

  - automated rebuild

• Sat May 25 2002 Jeff Johnson <jbj@redhat.com> 0.4.3-1

  - update to 0.4.3.

• Tue May 21 2002 Jeff Johnson <jbj@redhat.com> 0.4.2-1

  - update to 0.4.2.
  - change license to LGPL.
  - include splint annotations patch.

• Tue Apr 2 2002 Nalin Dahyabhai <nalin@redhat.com> 0.4.0-1

  - update to 0.4.0

• Thu Jan 17 2002 Nalin Dahyabhai <nalin@redhat.com> 0.3.2-1

  - update to 0.3.2

• Thu Jan 10 2002 Nalin Dahyabhai <nalin@redhat.com> 0.3.0-1

  - add a URL

• Thu Dec 20 2001 Nalin Dahyabhai <nalin@redhat.com>

  - initial package