diff --git a/backport-CVE-2023-5981-auth-rsa_psk-side-step-potential-side-channel.patch b/backport-CVE-2023-5981-auth-rsa_psk-side-step-potential-side-channel.patch deleted file mode 100644 index 50e0fa3affc2f8316b43c90ff35d8bbd63d127ef..0000000000000000000000000000000000000000 --- a/backport-CVE-2023-5981-auth-rsa_psk-side-step-potential-side-channel.patch +++ /dev/null 
@@ -1,209 +0,0 @@ -From 29d6298d0b04cfff970b993915db71ba3f580b6d Mon Sep 17 00:00:00 2001 -From: Daiki Ueno -Date: Mon, 23 Oct 2023 09:26:57 +0900 -Subject: [PATCH] auth/rsa_psk: side-step potential side-channel - -This removes branching that depends on secret data, porting changes -for regular RSA key exchange from -4804febddc2ed958e5ae774de2a8f85edeeff538 and -80a6ce8ddb02477cd724cd5b2944791aaddb702a. This also removes the -allow_wrong_pms as it was used sorely to control debug output -depending on the branching. - -Signed-off-by: Daiki Ueno - -Conflict::rsa_psk.c - ---- - lib/auth/rsa.c | 2 +- - lib/auth/rsa_psk.c | 90 ++++++++++++++++++---------------------------- - lib/gnutls_int.h | 4 --- - lib/priority.c | 1 - - 4 files changed, 35 insertions(+), 62 deletions(-) - -diff --git a/lib/auth/rsa.c b/lib/auth/rsa.c -index 492ec11..dd0fea1 100644 ---- a/lib/auth/rsa.c -+++ b/lib/auth/rsa.c -@@ -206,7 +206,7 @@ proc_rsa_client_kx(gnutls_session_t session, uint8_t * data, size_t _data_size) - session->key.key.size); - /* After this point, any conditional on failure that cause differences - * in execution may create a timing or cache access pattern side -- * channel that can be used as an oracle, so treat very carefully */ -+ * channel that can be used as an oracle, so tread carefully */ - - /* Error handling logic: - * In case decryption fails then don't inform the peer. 
Just use the -diff --git a/lib/auth/rsa_psk.c b/lib/auth/rsa_psk.c -index c1e9ac4..289ecbd 100644 ---- a/lib/auth/rsa_psk.c -+++ b/lib/auth/rsa_psk.c -@@ -255,14 +255,13 @@ _gnutls_proc_rsa_psk_client_kx(gnutls_session_t session, uint8_t * data, - { - gnutls_datum_t username; - psk_auth_info_t info; -- gnutls_datum_t plaintext; - gnutls_datum_t ciphertext; - gnutls_datum_t pwd_psk = { NULL, 0 }; - int ret, dsize; -- int randomize_key = 0; - ssize_t data_size = _data_size; - gnutls_psk_server_credentials_t cred; - gnutls_datum_t premaster_secret = { NULL, 0 }; -+ volatile uint8_t ver_maj, ver_min; - - cred = (gnutls_psk_server_credentials_t) - _gnutls_get_cred(session, GNUTLS_CRD_PSK); -@@ -320,68 +319,47 @@ _gnutls_proc_rsa_psk_client_kx(gnutls_session_t session, uint8_t * data, - } - ciphertext.size = dsize; - -- ret = -- gnutls_privkey_decrypt_data(session->internals.selected_key, 0, -- &ciphertext, &plaintext); -- if (ret < 0 || plaintext.size != GNUTLS_MASTER_SIZE) { -- /* In case decryption fails then don't inform -- * the peer. Just use a random key. (in order to avoid -- * attack against pkcs-1 formatting). -- */ -+ ver_maj = _gnutls_get_adv_version_major(session); -+ ver_min = _gnutls_get_adv_version_minor(session); -+ -+ premaster_secret.data = gnutls_malloc(GNUTLS_MASTER_SIZE); -+ if (premaster_secret.data == NULL) { - gnutls_assert(); -- _gnutls_debug_log -- ("auth_rsa_psk: Possible PKCS #1 format attack\n"); -- if (ret >= 0) { -- gnutls_free(plaintext.data); -- } -- randomize_key = 1; -- } else { -- /* If the secret was properly formatted, then -- * check the version number. -- */ -- if (_gnutls_get_adv_version_major(session) != plaintext.data[0] -- || (session->internals.allow_wrong_pms == 0 -- && _gnutls_get_adv_version_minor(session) != -- plaintext.data[1])) { -- /* No error is returned here, if the version number check -- * fails. We proceed normally. 
-- * That is to defend against the attack described in the paper -- * "Attacking RSA-based sessions in SSL/TLS" by Vlastimil Klima, -- * Ondej Pokorny and Tomas Rosa. -- */ -- gnutls_assert(); -- _gnutls_debug_log -- ("auth_rsa: Possible PKCS #1 version check format attack\n"); -- } -+ return GNUTLS_E_MEMORY_ERROR; - } -+ premaster_secret.size = GNUTLS_MASTER_SIZE; - -- if (randomize_key != 0) { -- premaster_secret.size = GNUTLS_MASTER_SIZE; -- premaster_secret.data = gnutls_malloc(premaster_secret.size); -- if (premaster_secret.data == NULL) { -- gnutls_assert(); -- return GNUTLS_E_MEMORY_ERROR; -- } -- -- /* we do not need strong random numbers here. -- */ -- ret = gnutls_rnd(GNUTLS_RND_NONCE, premaster_secret.data, -- premaster_secret.size); -- if (ret < 0) { -- gnutls_assert(); -- goto cleanup; -- } -- } else { -- premaster_secret.data = plaintext.data; -- premaster_secret.size = plaintext.size; -+ /* Fallback value when decryption fails. Needs to be unpredictable. */ -+ ret = gnutls_rnd(GNUTLS_RND_NONCE, premaster_secret.data, -+ premaster_secret.size); -+ if (ret < 0) { -+ gnutls_assert(); -+ goto cleanup; - } - -+ gnutls_privkey_decrypt_data2(session->internals.selected_key, 0, -+ &ciphertext, premaster_secret.data, -+ premaster_secret.size); -+ /* After this point, any conditional on failure that cause differences -+ * in execution may create a timing or cache access pattern side -+ * channel that can be used as an oracle, so tread carefully */ -+ -+ /* Error handling logic: -+ * In case decryption fails then don't inform the peer. Just use the -+ * random key previously generated. (in order to avoid attack against -+ * pkcs-1 formatting). -+ * -+ * If we get version mismatches no error is returned either. We -+ * proceed normally. This is to defend against the attack described -+ * in the paper "Attacking RSA-based sessions in SSL/TLS" by -+ * Vlastimil Klima, Ondej Pokorny and Tomas Rosa. 
-+ */ -+ - /* This is here to avoid the version check attack - * discussed above. - */ -- -- premaster_secret.data[0] = _gnutls_get_adv_version_major(session); -- premaster_secret.data[1] = _gnutls_get_adv_version_minor(session); -+ premaster_secret.data[0] = ver_maj; -+ premaster_secret.data[1] = ver_min; - - /* find the key of this username - */ -diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h -index 969454b..034059a 100644 ---- a/lib/gnutls_int.h -+++ b/lib/gnutls_int.h -@@ -977,7 +977,6 @@ struct gnutls_priority_st { - bool _no_etm; - bool _no_ext_master_secret; - bool _allow_key_usage_violation; -- bool _allow_wrong_pms; - bool _dumbfw; - unsigned int _dh_prime_bits; /* old (deprecated) variable */ - -@@ -995,7 +994,6 @@ struct gnutls_priority_st { - (x)->no_etm = 1; \ - (x)->no_ext_master_secret = 1; \ - (x)->allow_key_usage_violation = 1; \ -- (x)->allow_wrong_pms = 1; \ - (x)->dumbfw = 1 - - # define ENABLE_PRIO_COMPAT(x) \ -@@ -1004,7 +1002,6 @@ struct gnutls_priority_st { - (x)->_no_etm = 1; \ - (x)->_no_ext_master_secret = 1; \ - (x)->_allow_key_usage_violation = 1; \ -- (x)->_allow_wrong_pms = 1; \ - (x)->_dumbfw = 1 - - /* DH and RSA parameters types. -@@ -1129,7 +1126,6 @@ typedef struct { - bool no_etm; - bool no_ext_master_secret; - bool allow_key_usage_violation; -- bool allow_wrong_pms; - bool dumbfw; - - /* old (deprecated) variable. This is used for both srp_prime_bits -diff --git a/lib/priority.c b/lib/priority.c -index 154929e..8dd9c42 100644 ---- a/lib/priority.c -+++ b/lib/priority.c -@@ -725,7 +725,6 @@ int gnutls_priority_set(gnutls_session_t session, gnutls_priority_t priority) - COPY_TO_INTERNALS(no_etm); - COPY_TO_INTERNALS(no_ext_master_secret); - COPY_TO_INTERNALS(allow_key_usage_violation); -- COPY_TO_INTERNALS(allow_wrong_pms); - COPY_TO_INTERNALS(dumbfw); - COPY_TO_INTERNALS(dh_prime_bits); - --- -2.33.0 - 
diff --git a/backport-CVE-2024-0553-rsa-psk-minimize-branching-after-decryption.patch b/backport-CVE-2024-0553-rsa-psk-minimize-branching-after-decryption.patch index a2653fb23e57ebdaa289ebd3be51d17eead4d91e..5bcb7162c88f89a3d6def2ac00164ab3cb41cd2a 100644 --- a/backport-CVE-2024-0553-rsa-psk-minimize-branching-after-decryption.patch +++ b/backport-CVE-2024-0553-rsa-psk-minimize-branching-after-decryption.patch @@ -10,24 +10,25 @@ decryption. This also avoids an extra memcpy to session->key.key. Signed-off-by: Daiki Ueno Reference: https://gitlab.com/gnutls/gnutls/-/commit/40dbbd8de499668590e8af51a15799fbc430595e -Conflicts: lib/auth/rsa_psk.c +Conflicts: NA + --- - lib/auth/rsa_psk.c | 70 ++++++++++++++++++++++++---------------------- - 1 file changed, 36 insertions(+), 34 deletions(-) + lib/auth/rsa_psk.c | 69 ++++++++++++++++++++++++---------------------- + 1 file changed, 36 insertions(+), 33 deletions(-) diff --git a/lib/auth/rsa_psk.c b/lib/auth/rsa_psk.c -index 289ecbd..4043a64 100644 +index 99f908460..399fb4da1 100644 --- a/lib/auth/rsa_psk.c +++ b/lib/auth/rsa_psk.c -@@ -260,7 +260,6 @@ _gnutls_proc_rsa_psk_client_kx(gnutls_session_t session, uint8_t * data, +@@ -256,7 +256,6 @@ static int _gnutls_proc_rsa_psk_client_kx(gnutls_session_t session, int ret, dsize; ssize_t data_size = _data_size; gnutls_psk_server_credentials_t cred; - gnutls_datum_t premaster_secret = { NULL, 0 }; volatile uint8_t ver_maj, ver_min; - cred = (gnutls_psk_server_credentials_t) -@@ -322,24 +321,48 @@ _gnutls_proc_rsa_psk_client_kx(gnutls_session_t session, uint8_t * data, + cred = (gnutls_psk_server_credentials_t)_gnutls_get_cred( +@@ -318,24 +317,49 @@ static int _gnutls_proc_rsa_psk_client_kx(gnutls_session_t session, ver_maj = _gnutls_get_adv_version_major(session); ver_min = _gnutls_get_adv_version_minor(session); 
@@ -37,7 +38,8 @@ index 289ecbd..4043a64 100644 + * filled in if the key is not found. + */ + ret = _gnutls_psk_pwd_find_entry(session, info->username, -+ strlen(info->username), &pwd_psk); ++ strlen(info->username), &pwd_psk, ++ NULL); + if (ret < 0) + return gnutls_assert_val(ret); + @@ -84,7 +86,7 @@ index 289ecbd..4043a64 100644 /* After this point, any conditional on failure that cause differences * in execution may create a timing or cache access pattern side * channel that can be used as an oracle, so tread carefully */ -@@ -358,31 +381,10 @@ _gnutls_proc_rsa_psk_client_kx(gnutls_session_t session, uint8_t * data, +@@ -354,31 +378,10 @@ static int _gnutls_proc_rsa_psk_client_kx(gnutls_session_t session, /* This is here to avoid the version check attack * discussed above. */ @@ -93,14 +95,16 @@ index 289ecbd..4043a64 100644 - - /* find the key of this username - */ -- ret = -- _gnutls_psk_pwd_find_entry(session, info->username, -- strlen(info->username), &pwd_psk); +- ret = _gnutls_psk_pwd_find_entry(session, info->username, +- strlen(info->username), &pwd_psk, +- NULL); - if (ret < 0) { - gnutls_assert(); - goto cleanup; - } -- ++ session->key.key.data[2] = ver_maj; ++ session->key.key.data[3] = ver_min; + - ret = set_rsa_psk_session_key(session, &pwd_psk, &premaster_secret); - if (ret < 0) { - gnutls_assert(); @@ -108,18 +112,15 @@ index 289ecbd..4043a64 100644 - } - - ret = 0; -- cleanup: +-cleanup: - _gnutls_free_key_datum(&pwd_psk); - _gnutls_free_temp_key_datum(&premaster_secret); - - return ret; -+ session->key.key.data[2] = ver_maj; -+ session->key.key.data[3] = ver_min; -+ + return 0; } - static int + static int _gnutls_proc_rsa_psk_server_kx(gnutls_session_t session, -- 2.33.0 diff --git a/backport-CVE-2024-0567-x509-detect-loop-in-certificate-chain.patch b/backport-CVE-2024-0567-x509-detect-loop-in-certificate-chain.patch index f2ededa763049818bca9343ab8c863fe0ed80807..4da3b7e0c96b8bf850d8aa3b04ea4b980cf29495 100644 
--- a/backport-CVE-2024-0567-x509-detect-loop-in-certificate-chain.patch +++ b/backport-CVE-2024-0567-x509-detect-loop-in-certificate-chain.patch @@ -17,18 +17,18 @@ manner. Signed-off-by: Daiki Ueno Reference: https://gitlab.com/gnutls/gnutls/-/commit/9edbdaa84e38b1bfb53a7d72c1de44f8de373405 -Conflict: tests/test-chains.h +Conflict: NA --- lib/x509/common.c | 4 ++ - tests/test-chains.h | 124 ++++++++++++++++++++++++++++++++++++++++++++ - 2 files changed, 128 insertions(+) + tests/test-chains.h | 125 ++++++++++++++++++++++++++++++++++++++++++++ + 2 files changed, 129 insertions(+) diff --git a/lib/x509/common.c b/lib/x509/common.c -index 2cc95c9..44317ba 100644 +index 861cace4c..d749a062c 100644 --- a/lib/x509/common.c +++ b/lib/x509/common.c -@@ -1771,6 +1771,10 @@ unsigned int _gnutls_sort_clist(gnutls_x509_crt_t * clist, +@@ -1741,6 +1741,10 @@ unsigned int _gnutls_sort_clist(gnutls_x509_crt_t *clist, break; } @@ -40,10 +40,10 @@ index 2cc95c9..44317ba 100644 insorted[prev] = 1; } diff --git a/tests/test-chains.h b/tests/test-chains.h -index 6355f28..c11a097 100644 +index 9ce23764d..3e559fecd 100644 --- a/tests/test-chains.h +++ b/tests/test-chains.h -@@ -4263,6 +4263,129 @@ static const char *rsa_sha1_not_in_trusted_ca[] = { +@@ -4260,6 +4260,129 @@ static const char *rsa_sha1_not_in_trusted_ca[] = { NULL }; 
@@ -171,14 +171,15 @@ index 6355f28..c11a097 100644 +}; + #if defined __clang__ || __GNUC__ > 4 || (__GNUC__ == 4 && __GNUC_MINOR__ >= 5) - # pragma GCC diagnostic push - # pragma GCC diagnostic ignored "-Wunused-variable" -@@ -4442,6 +4565,7 @@ static struct - rsa_sha1_not_in_trusted, rsa_sha1_not_in_trusted_ca, - GNUTLS_PROFILE_TO_VFLAGS(GNUTLS_PROFILE_MEDIUM), - GNUTLS_CERT_INSECURE_ALGORITHM | GNUTLS_CERT_INVALID, NULL, 1620118136, 1}, -+ { "cross signed - ok", cross_signed, cross_signed_ca, 0, 0, 0, 1704955300}, - { NULL, NULL, NULL, 0, 0} + #pragma GCC diagnostic push + #pragma GCC diagnostic ignored "-Wunused-variable" +@@ -4571,6 +4694,8 @@ static struct { + GNUTLS_PROFILE_TO_VFLAGS(GNUTLS_PROFILE_MEDIUM), + GNUTLS_CERT_INSECURE_ALGORITHM | GNUTLS_CERT_INVALID, NULL, + 1620118136, 1 }, ++ { "cross signed - ok", cross_signed, cross_signed_ca, 0, 0, 0, ++ 1704955300 }, + { NULL, NULL, NULL, 0, 0 } }; -- diff --git a/fix-ipv6-handshake-failed.patch b/fix-ipv6-handshake-failed.patch index 6278865c007608e0003361e4002fc4f8b36fd13b..1e280bc2d1041f49e1d3fb6ad33c16d06cf8830d 100644 --- a/fix-ipv6-handshake-failed.patch +++ b/fix-ipv6-handshake-failed.patch @@ -6,31 +6,32 @@ Subject: [PATCH] fix ipv6 handshake failed reason: fix ipv6 handshake failed Signed-off-by: lvying + --- - lib/ext/server_name.c | 4 +++- - lib/str.h | 10 ++++++++++ + lib/ext/server_name.c | 4 +++- + lib/str.h | 10 ++++++++++ 2 files changed, 13 insertions(+), 1 deletion(-) diff --git a/lib/ext/server_name.c b/lib/ext/server_name.c -index 259dc99..f61c1f2 100644 +index a7329d0..7be1ca1 100644 --- a/lib/ext/server_name.c 
+++ b/lib/ext/server_name.c -@@ -112,7 +112,9 @@ _gnutls_server_name_recv_params(gnutls_session_t session, +@@ -108,7 +108,9 @@ static int _gnutls_server_name_recv_params(gnutls_session_t session, DECR_LEN(data_size, len); - if (type == 0) { /* NAME_DNS */ + if (type == 0) { /* NAME_DNS */ - if (!_gnutls_dnsname_is_valid((char *)p, len)) { -+ _gnutls_debug_log("HSK[%p]: recieve server name: '%.*s'\n", session, len, p); -+ /* fix ipv6 format server name invaild problem */ -+ if (!_gnutls_dnsname_is_valid((char*)p, len) && !_gnutls_ipv6_is_valid((char*)p, len)) { - _gnutls_handshake_log - ("HSK[%p]: Server name is not acceptable: '%.*s'\n", - session, (int)len, p); ++ _gnutls_debug_log("HSK[%p]: recieve server name: '%.*s'\n", session, len, p); ++ /* fix ipv6 format server name invaild problem */ ++ if (!_gnutls_dnsname_is_valid((char*)p, len) && !_gnutls_ipv6_is_valid((char*)p, len)) { + _gnutls_handshake_log( + "HSK[%p]: Server name is not acceptable: '%.*s'\n", + session, (int)len, p); diff --git a/lib/str.h b/lib/str.h -index 9f0e7d6..e0bca4b 100644 +index 1f670cd..aa4b5b2 100644 --- a/lib/str.h +++ b/lib/str.h -@@ -60,6 +60,16 @@ inline static unsigned _gnutls_str_is_print(const char *str, unsigned size) +@@ -64,6 +64,16 @@ inline static unsigned _gnutls_str_is_print(const char *str, unsigned size) return 1; } @@ -48,5 +49,5 @@ index 9f0e7d6..e0bca4b 100644 { unsigned i; -- -2.19.1 +2.33.0 diff --git a/gnutls-3.8.0.tar.xz.sig b/gnutls-3.8.0.tar.xz.sig deleted file mode 100644 index f0f983a5d539a8373cd27877a556082ee2925039..0000000000000000000000000000000000000000 Binary files a/gnutls-3.8.0.tar.xz.sig and /dev/null differ diff --git a/gnutls-3.8.0.tar.xz b/gnutls-3.8.2.tar.xz similarity index 46% rename from gnutls-3.8.0.tar.xz rename to gnutls-3.8.2.tar.xz index caa33cfb1141725bb28053e0b476436031aaf4f5..914c17adf273b5478f73529b5636409ec8ac7ffc 100644 Binary files a/gnutls-3.8.0.tar.xz and b/gnutls-3.8.2.tar.xz differ 
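Review bot: The refreshed lib/ext/server_name.c change still calls `_gnutls_debug_log("HSK[%p]: recieve server name: '%.*s'\n", session, len, p)` before `_gnutls_dnsname_is_valid()` or `_gnutls_ipv6_is_valid()` has run, so unvalidated bytes from the peer's ClientHello reach the debug log, possibly including control characters. Moving the log call below the validity check, or dropping it, keeps unchecked peer input out of the logs; the same call passes `len` to `%.*s` without the `(int)` cast that the `_gnutls_handshake_log` call just below it uses. The relaxed condition also accepts an IPv6 literal as a server name, which RFC 6066 excludes from `HostName`, and the body of `_gnutls_ipv6_is_valid` in lib/str.h is not shown in this diff, so how strictly it parses should be confirmed. The enclosing function starts and ends outside the hunk.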
diff --git a/gnutls-3.8.2.tar.xz.sig b/gnutls-3.8.2.tar.xz.sig
new file mode 100644
index 0000000000000000000000000000000000000000..88ecb9b7665d5863ce0ef7137f25f333a5a32a12
Binary files /dev/null and b/gnutls-3.8.2.tar.xz.sig differ
diff --git a/gnutls.spec b/gnutls.spec
index dbd25b354be71119d619798afbd3b8f837019cc7..5e58c2beff08f7dd9fc46170abb149ea8cc9c21c 100644
--- a/gnutls.spec
+++ b/gnutls.spec
@@ -1,5 +1,5 @@
 Name: gnutls
-Version: 3.8.0
+Version: 3.8.2
 Release: 3
 Summary: The GNU Secure Communication Protocol Library
@@ -9,9 +9,8 @@ Source0: https://www.gnupg.org/ftp/gcrypt/gnutls/v3.8/%{name}-%{version}.tar.xz
 Source1: https://www.gnupg.org/ftp/gcrypt/gnutls/v3.8/%{name}-%{version}.tar.xz.sig
 Patch0: fix-ipv6-handshake-failed.patch
-Patch1: backport-CVE-2023-5981-auth-rsa_psk-side-step-potential-side-channel.patch
-Patch2: backport-CVE-2024-0553-rsa-psk-minimize-branching-after-decryption.patch
-Patch3: backport-CVE-2024-0567-x509-detect-loop-in-certificate-chain.patch
+Patch1: backport-CVE-2024-0553-rsa-psk-minimize-branching-after-decryption.patch
+Patch2: backport-CVE-2024-0567-x509-detect-loop-in-certificate-chain.patch
 %bcond_without dane
 %bcond_with guile
@@ -37,12 +36,8 @@ Requires: crypto-policies, p11-kit-trust, libtasn1, nettle
 Recommends: trousers >= 0.3.11.2
 Provides: bundled(gnulib) = 20130424
-Provides: gnutls-utils = %{version}-%{release}
 Provides: gnutls-c++ = %{version}-%{release}
-Provides: gnutls-dane = %{version}-%{release}
-Obsoletes: gnutls-utils < %{version}-%{release}
-Obsoletes: gnutls-c++ < %{version}-%{release}
-Obsoletes: gnutls-dane < %{version}-%{release}
+Obsoletes: gnutls-c++ < %{version}-%{release}
 %description
 GnuTLS is a secure communications library implementing the SSL, TLS and DTLS
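Review bot: Nothing visible in the `Source0`/`Source1` block checks the new 3.8.2 tarball against the detached signature this commit adds: `Source1` is followed directly by `Patch0`, with no keyring source listed. Unless `%prep`, which lies outside these hunks, already verifies it, consider shipping the upstream release keyring as an extra source and verifying before unpacking, for example `%{gpgverify} --keyring='%{SOURCE2}' --signature='%{SOURCE1}' --data='%{SOURCE0}'` where the distribution provides that macro (`SOURCE2` is a placeholder for the keyring entry). A swapped or corrupted tarball would then fail the build instead of being packaged.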
@@ -58,11 +53,47 @@ of application code.
 %package devel
 Summary: Development files for %{name}
 Requires: %{name}%{?_isa} = %{version}-%{release}
+%if %{with dane}
+Requires: %{name}-dane%{?_isa} = %{version}-%{release}
+%endif
 Requires: pkgconf
 %description devel
 This package contains files needed for developing applications with %{name}.
+%package utils
+License: GPL-3.0-or-later
+Summary: Command line tools for TLS protocol
+Requires: %{name}%{?_isa} = %{version}-%{release}
+%if %{with dane}
+Requires: %{name}-dane%{?_isa} = %{version}-%{release}
+%endif
+
+%description utils
+GnuTLS is a secure communications library implementing the SSL, TLS and DTLS
+protocols and technologies around them. It provides a simple C language
+application programming interface (API) to access the secure communications
+protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and
+other required structures.
+This package contains command line TLS client and server and certificate
+manipulation tools.
+
+%if %{with dane}
+%package dane
+Summary: A DANE protocol implementation for GnuTLS
+Requires: %{name}%{?_isa} = %{version}-%{release}
+
+%description dane
+GnuTLS is a secure communications library implementing the SSL, TLS and DTLS
+protocols and technologies around them. It provides a simple C language
+application programming interface (API) to access the secure communications
+protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and
+other required structures.
+This package contains library that implements the DANE protocol for verifying
+TLS certificates through DNSSEC.
+
+%endif
+
 %package_help
 %if %{with guile}
@@ -90,8 +121,10 @@ echo "SYSTEM=NORMAL" >> tests/system.prio
 # via the crypto policies
 %build
+%if "%toolchain" != "clang"
 CCASFLAGS="$CCASFLAGS -Wa,--generate-missing-build-notes=yes"
 export CCASFLAGS
+%endif
 # These should be checked by m4/guile.m4 instead of configure.ac
 # taking into account of _guile_suffix
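Review bot: The new `%package utils` and `%package dane` declare no `Obsoletes:` against the pre-split main package, while the main package drops its `Provides: gnutls-utils` and `Provides: gnutls-dane`. An upgrade from 3.8.0-3 would therefore presumably leave a system without certtool, p11tool and the other tools unless some other package requires `gnutls-utils`. If the tools are meant to stay installed across the upgrade, add `Obsoletes: %{name} < 3.8.2-2` to `%package utils` (and to `%package dane` if the same is wanted there), as is commonly done for package splits. The upgrade path should be confirmed on a system that has only the old main package installed.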
@@ -159,22 +192,31 @@ make check %{?_smp_mflags}
 %defattr(-,root,root)
 %doc README.md AUTHORS
 %license LICENSE doc/COPYING doc/COPYING.LESSER
+%{_libdir}/libgnutls.so.30*
+%{_libdir}/libgnutlsxx.so.*
+%if %{with fips}
+%{_libdir}/.libgnutls.so.*.hmac
+%endif
+
+%files utils
 %{_bindir}/certtool
 %{_bindir}/tpmtool
 %{_bindir}/ocsptool
 %{_bindir}/psktool
 %{_bindir}/p11tool
-%{_bindir}/gnutls*
 %if %{with dane}
 %{_bindir}/danetool
-%{_libdir}/libgnutls-dane.so.*
 %endif
-%{_libdir}/libgnutls.so.30*
-%{_libdir}/libgnutlsxx.so.*
-%if %{with fips}
-%{_libdir}/.libgnutls.so.*.hmac
+%{_bindir}/gnutls*
+%{_mandir}/man1/*
+%doc doc/certtool.cfg
+
+%if %{with dane}
+%files dane
+%{_libdir}/libgnutls-dane.so.*
 %endif
+
 %files devel
 %defattr(-,root,root)
 %{_libdir}/pkgconfig/*.pc
@@ -201,6 +243,28 @@ make check %{?_smp_mflags}
 %endif
 %changelog
+* Fri Mar 22 2024 wangyaoyong - 3.8.2-3
+- support change CC to compile with clang
+
+* Wed Feb 28 2024 duyiwei - 3.8.2-2
+- detach the sub package gnutls-utils and gnutls-dane from gnutls
+
+* Mon Jan 29 2024 xuraoqing - 3.8.2-1
+- update to 3.8.2
+- some API and ABI modifications, see NEWS for details
+- New option --attime to specify current time
+- libgnutls: Add a mechanism to control whether to enforce extended master secret (RFC 7627)
+- libgnutls: Add additional PBKDF limit checks in FIPS mode as defined in SP 800-132
+- libgnutls: %GNUTLS_NO_EXTENSIONS has been renamed to %GNUTLS_NO_DEFAULT_EXTENSIONS.
+- libgnutls: Add support for RFC 9258 external PSK importer.
+- libgnutls: ClientHello extensions are randomized by default,
+ To make fingerprinting harder, TLS extensions in ClientHello messages are shuffled.
+- gnutls-cli: New option --starttls-name.
+- libgnutls: transparent KTLS support is extended to FreeBSD kernel.
+- libgnutls: Added support for AES-GCM-SIV ciphers (RFC 8452).
+- libgnutls: Add API functions to perform ECDH and DH key agreement.
+- libgnutls: Fix timing side-channel inside RSA-PSK key exchange(CVE-2023-5981).
+
 * Wed Jan 17 2024 xuraoqing - 3.8.0-3
 - fix CVE-2024-0553 and CVE-2024-0567