Opened 6 weeks ago

Closed 5 weeks ago

#19592 closed enhancement (fixed)

gnutls-3.8.5

Reported by: Bruce Dubbs Owned by: Bruce Dubbs
Priority: normal Milestone: 12.2
Component: BOOK Version: git
Severity: normal Keywords:
Cc:

Description

New point version.

Change History (3)

comment:1 by Xi Ruoyao, 6 weeks ago

Version 3.8.5 (released 2024-04-04)

  • libgnutls: Due to majority of usages and implementations of

RSA decryption with PKCS#1 v1.5 padding being incorrect, leaving them vulnerable to Marvin attack, the RSAES-PKCS1-v1_5 is being deprecated (encryption and decryption) and will be disabled in the future. A new option allow-rsa-pkcs1-encrypt has been added into the system-wide library configuration which allows to enable/disable the RSAES-PKCS1-v1_5. Currently, the RSAES-PKCS1-v1_5 is enabled by default.

  • libgnutls: Added support for RIPEMD160 and PBES1-DES-SHA1 for

backward compatibility with GCR.

  • libgnutls: A couple of memory related issues have been fixed in RSA PKCS#1

v1.5 decryption error handling and deterministic ECDSA with earlier versions of GMP. These were a regression introduced in the 3.8.4 release. See #1535 and !1827.

  • build: Fixed a bug where building gnutls statically failed due

to a duplicate definition of nettle_rsa_compute_root_tr().

  • API and ABI modifications:
    • GNUTLS_PKCS_PBES1_DES_SHA1: New enum member of gnutls_pkcs_encrypt_flags_t

comment:2 by Bruce Dubbs, 6 weeks ago

Owner: changed from blfs-book to Bruce Dubbs
Status: newassigned

comment:3 by Bruce Dubbs, 5 weeks ago

Resolution: fixed
Status: assignedclosed

Fixed at commits 

1b20792374 Update to hwdata-0.381.
6edddf483e Update to enchant-2.6.9.
84493d67eb Update to gnutls-3.8.5.
Note: See TracTickets for help on using tickets.