diff options
| author | Nick Hainke <vincent@systemli.org> | 2022-08-07 09:18:17 +0200 |
|---|---|---|
| committer | Nick Hainke <vincent@systemli.org> | 2022-08-07 09:18:17 +0200 |
| commit | 0a4345d978c7f7901b2f28f874aeb6a2026ef6fb (patch) | |
| tree | 2e38baeee34be76d9fd1ac65207636e4c7b823ed /LICENSE | |
| parent | 82a45b28b736642d263038e0b596c620fa5102e7 (diff) | |
gnutls: update to 3.7.7
- libgnutls: Fixed double free during verification of pkcs7 signatures.
Reported by Jaak Ristioja (#1383). [GNUTLS-SA-2022-07-07, CVSS: medium]
[CVE-2022-2509]
- libgnutls: gnutls_hkdf_expand now only accepts LENGTH argument less than or
equal to 255 times hash digest size, to comply with RFC 5869 2.3.
- libgnutls: Length limit for TLS PSK usernames has been increased
from 128 to 65535 characters (#1323).
- libgnutls: AES-GCM encryption function now limits plaintext
length to 2^39-256 bits, according to SP800-38D 5.2.1.1.
- libgnutls: New block cipher functions have been added to transparently
handle padding. gnutls_cipher_encrypt3 and gnutls_cipher_decrypt3 can be
used in combination of GNUTLS_CIPHER_PADDING_PKCS7 flag to automatically
add/remove padding if the length of the original plaintext is not a multiple
of the block size.
- libgnutls: New function for manual FIPS self-testing.
API and ABI modifications:
- gnutls_fips140_run_self_tests: New function
- gnutls_cipher_encrypt3: New function
- gnutls_cipher_decrypt3: New function
- gnutls_cipher_padding_flags_t: New enum
Signed-off-by: Nick Hainke <vincent@systemli.org>
Diffstat (limited to 'LICENSE')
0 files changed, 0 insertions, 0 deletions