ELSA-2021-4451

Описание

gnutls [3.6.16-4]

• p11tool: Document ID reuse behavior when importing certs (#1776250)

[3.6.16-3]

• Treat SHA-1 signed CA in the trusted set differently (#1965445)

[3.6.16-2]

• Filter certificate_types in TLS 1.2 CR based on signature algorithms (#1942216)

[3.6.16-1]

• Update to upstream 3.6.16 release (#1956783)
• Fix potential use-after-free in key_share handling (#1927597)
• Fix potential use-after-free in pre_shared_key handling (#1927593)
• Stop gnutls-serv relying on AI_ADDRCONFIG to decide listening address (#1908334)
• Fix cert expiration issue in tests (#1908110)

[3.6.14-10]

• Port fixes for potential miscalculation in ecdsa_verify (#1942931)

[3.6.14-9]

• Revert the previous change

nettle [3.4.1-7]

• Backport CVE-2021-3580 from upstream 3.7.3 release (#1967990)

[3.4.1-6]

• Enable CTR mode optimization when the block size is 16

[3.4.1-5]

• Backport powerpc64 optimization patches from upstream (#1855228) Patch from Christopher M. Riedl.