Blame SPECS/gnutls.spec

118cf7
%define srpmhash() %{lua:
118cf7
local files = rpm.expand("%_specdir/gnutls.spec")
118cf7
for i, p in ipairs(patches) do
118cf7
   files = files.." "..p
118cf7
end
118cf7
for i, p in ipairs(sources) do
118cf7
   files = files.." "..p
118cf7
end
118cf7
local sha256sum = assert(io.popen("cat "..files.."| sha256sum"))
118cf7
local hash = sha256sum:read("*a")
118cf7
sha256sum:close()
118cf7
print(string.sub(hash, 0, 16))
118cf7
}
118cf7
e79d4b
Version: 3.7.6
e79d4b
Release: 11%{?dist}
e79d4b
# not upstreamed
e79d4b
Patch: gnutls-3.6.7-no-now-guile.patch
e79d4b
Patch: gnutls-3.2.7-rpath.patch
e79d4b
Patch: gnutls-3.7.2-enable-intel-cet.patch
e79d4b
Patch: gnutls-3.7.2-no-explicit-init.patch
e79d4b
e79d4b
# upstreamed
e79d4b
Patch: gnutls-3.7.6-fips-run-selftests.patch
e79d4b
Patch: gnutls-3.7.6-ktls-disable-by-default.patch
e79d4b
Patch: gnutls-3.7.6-ktls-fixes.patch
e79d4b
Patch: gnutls-3.7.6-aes-gcm-pt-limit.patch
e79d4b
Patch: gnutls-3.7.6-pkcs7-verify.patch
e79d4b
Patch: gnutls-3.7.6-fips-pkcs12-des-cbc.patch
e79d4b
Patch: gnutls-3.7.6-fips-rsa-key-sizes.patch
5dccd1
5dccd1
# not upstreamed
e79d4b
Patch: gnutls-3.7.3-disable-config-reload.patch
e79d4b
Patch: gnutls-3.7.3-fips-dsa-post.patch
e79d4b
Patch: gnutls-3.7.6-drbg-reseed.patch
e79d4b
Patch: gnutls-3.7.6-cpuid-fixes.patch
e79d4b
Patch: gnutls-3.7.6-gmp-static.patch
5dccd1
5dccd1
%bcond_without bootstrap
8b9ea0
%bcond_without dane
8b9ea0
%if 0%{?rhel}
8b9ea0
%bcond_with guile
8b9ea0
%bcond_without fips
8b9ea0
%else
8b9ea0
%bcond_without guile
8b9ea0
%bcond_without fips
8b9ea0
%endif
8b9ea0
%bcond_with tpm12
118cf7
%bcond_without tpm2
8b9ea0
%bcond_with gost
e79d4b
%bcond_with certificate_compression
e79d4b
%bcond_without tests
8b9ea0
8b9ea0
Summary: A TLS protocol implementation
8b9ea0
Name: gnutls
8b9ea0
# The libraries are LGPLv2.1+, utilities are GPLv3+
8b9ea0
License: GPLv3+ and LGPLv2+
8b9ea0
BuildRequires: p11-kit-devel >= 0.21.3, gettext-devel
e79d4b
BuildRequires: readline-devel, libtasn1-devel >= 4.3
e79d4b
%if %{with certificate_compression}
e79d4b
BuildRequires: zlib-devel, brotli-devel, libzstd-devel
e79d4b
%endif
8b9ea0
%if %{with bootstrap}
5dccd1
BuildRequires: automake, autoconf, gperf, libtool
8b9ea0
%endif
5dccd1
BuildRequires: texinfo
8b9ea0
BuildRequires: nettle-devel >= 3.5.1
8b9ea0
%if %{with tpm12}
8b9ea0
BuildRequires: trousers-devel >= 0.3.11.2
8b9ea0
%endif
118cf7
%if %{with tpm2}
118cf7
BuildRequires: tpm2-tss-devel >= 3.0.3
118cf7
%endif
8b9ea0
BuildRequires: libidn2-devel
8b9ea0
BuildRequires: libunistring-devel
8b9ea0
BuildRequires: net-tools, datefudge, softhsm, gcc, gcc-c++
8b9ea0
BuildRequires: gnupg2
e79d4b
BuildRequires: git-core
8b9ea0
8b9ea0
# for a sanity check on cert loading
8b9ea0
BuildRequires: p11-kit-trust, ca-certificates
8b9ea0
Requires: crypto-policies
8b9ea0
Requires: p11-kit-trust
8b9ea0
Requires: libtasn1 >= 4.3
8b9ea0
Requires: nettle >= 3.4.1
8b9ea0
%if %{with tpm12}
8b9ea0
Recommends: trousers >= 0.3.11.2
8b9ea0
%endif
8b9ea0
8b9ea0
%if %{with dane}
8b9ea0
BuildRequires: unbound-devel unbound-libs
8b9ea0
%endif
8b9ea0
%if %{with guile}
8b9ea0
BuildRequires: guile22-devel
8b9ea0
%endif
8b9ea0
BuildRequires: make
8b9ea0
URL: http://www.gnutls.org/
8b9ea0
Source0: https://www.gnupg.org/ftp/gcrypt/gnutls/v3.7/%{name}-%{version}.tar.xz
8b9ea0
Source1: https://www.gnupg.org/ftp/gcrypt/gnutls/v3.7/%{name}-%{version}.tar.xz.sig
e79d4b
Source2: gnutls-release-keyring.gpg
e79d4b
e79d4b
Source100:	gmp-6.2.1.tar.xz
e79d4b
# Taken from the main gmp package
e79d4b
Source101:	gmp-6.2.1-intel-cet.patch
8b9ea0
8b9ea0
# Wildcard bundling exception https://fedorahosted.org/fpc/ticket/174
8b9ea0
Provides: bundled(gnulib) = 20130424
8b9ea0
8b9ea0
%package c++
8b9ea0
Summary: The C++ interface to GnuTLS
8b9ea0
Requires: %{name}%{?_isa} = %{version}-%{release}
8b9ea0
8b9ea0
%package devel
8b9ea0
Summary: Development files for the %{name} package
8b9ea0
Requires: %{name}%{?_isa} = %{version}-%{release}
8b9ea0
Requires: %{name}-c++%{?_isa} = %{version}-%{release}
8b9ea0
%if %{with dane}
8b9ea0
Requires: %{name}-dane%{?_isa} = %{version}-%{release}
8b9ea0
%endif
8b9ea0
Requires: pkgconfig
8b9ea0
8b9ea0
%package utils
8b9ea0
License: GPLv3+
8b9ea0
Summary: Command line tools for TLS protocol
8b9ea0
Requires: %{name}%{?_isa} = %{version}-%{release}
8b9ea0
%if %{with dane}
8b9ea0
Requires: %{name}-dane%{?_isa} = %{version}-%{release}
8b9ea0
%endif
8b9ea0
8b9ea0
%if %{with dane}
8b9ea0
%package dane
8b9ea0
Summary: A DANE protocol implementation for GnuTLS
8b9ea0
Requires: %{name}%{?_isa} = %{version}-%{release}
8b9ea0
%endif
8b9ea0
8b9ea0
%if %{with guile}
8b9ea0
%package guile
8b9ea0
Summary: Guile bindings for the GNUTLS library
8b9ea0
Requires: %{name}%{?_isa} = %{version}-%{release}
8b9ea0
Requires: guile22
8b9ea0
%endif
8b9ea0
8b9ea0
%description
8b9ea0
GnuTLS is a secure communications library implementing the SSL, TLS and DTLS 
8b9ea0
protocols and technologies around them. It provides a simple C language 
8b9ea0
application programming interface (API) to access the secure communications 
8b9ea0
protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and 
8b9ea0
other required structures. 
8b9ea0
8b9ea0
%description c++
8b9ea0
GnuTLS is a secure communications library implementing the SSL, TLS and DTLS 
8b9ea0
protocols and technologies around them. It provides a simple C language 
8b9ea0
application programming interface (API) to access the secure communications 
8b9ea0
protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and 
8b9ea0
other required structures. 
8b9ea0
8b9ea0
%description devel
8b9ea0
GnuTLS is a secure communications library implementing the SSL, TLS and DTLS 
8b9ea0
protocols and technologies around them. It provides a simple C language 
8b9ea0
application programming interface (API) to access the secure communications 
8b9ea0
protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and 
8b9ea0
other required structures. 
8b9ea0
This package contains files needed for developing applications with
8b9ea0
the GnuTLS library.
8b9ea0
8b9ea0
%description utils
8b9ea0
GnuTLS is a secure communications library implementing the SSL, TLS and DTLS 
8b9ea0
protocols and technologies around them. It provides a simple C language 
8b9ea0
application programming interface (API) to access the secure communications 
8b9ea0
protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and 
8b9ea0
other required structures. 
8b9ea0
This package contains command line TLS client and server and certificate
8b9ea0
manipulation tools.
8b9ea0
8b9ea0
%if %{with dane}
8b9ea0
%description dane
8b9ea0
GnuTLS is a secure communications library implementing the SSL, TLS and DTLS 
8b9ea0
protocols and technologies around them. It provides a simple C language 
8b9ea0
application programming interface (API) to access the secure communications 
8b9ea0
protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and 
8b9ea0
other required structures. 
8b9ea0
This package contains library that implements the DANE protocol for verifying
8b9ea0
TLS certificates through DNSSEC.
8b9ea0
%endif
8b9ea0
8b9ea0
%if %{with guile}
8b9ea0
%description guile
8b9ea0
GnuTLS is a secure communications library implementing the SSL, TLS and DTLS 
8b9ea0
protocols and technologies around them. It provides a simple C language 
8b9ea0
application programming interface (API) to access the secure communications 
8b9ea0
protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and 
8b9ea0
other required structures. 
8b9ea0
This package contains Guile bindings for the library.
8b9ea0
%endif
8b9ea0
8b9ea0
%prep
e79d4b
# Workaround: to allow building the package under FIPS, do not treat
e79d4b
# errors in the GPG check as fatal, where EdDSA signature verification
e79d4b
# is not allowed:
e79d4b
%{gpgverify} --keyring='%{SOURCE2}' --signature='%{SOURCE1}' --data='%{SOURCE0}' || :
e79d4b
e79d4b
%autosetup -p1 -S git
e79d4b
e79d4b
%if %{with fips}
e79d4b
mkdir -p bundled_gmp
e79d4b
pushd bundled_gmp
e79d4b
tar --strip-components=1 -xf %{SOURCE100}
e79d4b
patch -p1 < %{SOURCE101}
e79d4b
popd
e79d4b
%endif
e79d4b
e79d4b
%build
e79d4b
%ifarch aarch64 ppc64le
e79d4b
%define _lto_cflags %{nil}
e79d4b
%endif
e79d4b
e79d4b
%if %{with fips}
e79d4b
pushd bundled_gmp
e79d4b
autoreconf -ifv
e79d4b
%configure --disable-cxx --disable-shared --enable-fat --with-pic
e79d4b
%make_build
e79d4b
popd
e79d4b
e79d4b
export GMP_CFLAGS="-I$PWD/bundled_gmp"
e79d4b
export GMP_LIBS="$PWD/bundled_gmp/.libs/libgmp.a"
e79d4b
%endif
8b9ea0
8b9ea0
%if %{with bootstrap}
8b9ea0
autoreconf -fi
8b9ea0
%endif
8b9ea0
8b9ea0
sed -i -e 's|sys_lib_dlsearch_path_spec="/lib /usr/lib|sys_lib_dlsearch_path_spec="/lib /usr/lib %{_libdir}|g' configure
8b9ea0
rm -f lib/minitasn1/*.c lib/minitasn1/*.h
8b9ea0
8b9ea0
echo "SYSTEM=NORMAL" >> tests/system.prio
8b9ea0
8b9ea0
%if %{with guile}
8b9ea0
# These should be checked by m4/guile.m4 instead of configure.ac
8b9ea0
# taking into account of _guile_suffix
8b9ea0
guile_snarf=%{_bindir}/guile-snarf2.2
8b9ea0
export guile_snarf
8b9ea0
GUILD=%{_bindir}/guild2.2
8b9ea0
export GUILD
8b9ea0
%endif
8b9ea0
118cf7
%if %{with fips}
118cf7
eval $(sed -n 's/^\(\(NAME\|VERSION_ID\)=.*\)/OS_\1/p' /etc/os-release)
e79d4b
export FIPS_MODULE_NAME="$OS_NAME ${OS_VERSION_ID%%.*} %name"
118cf7
%endif
118cf7
8b9ea0
%configure \
8b9ea0
%if %{with fips}
8b9ea0
           --enable-fips140-mode \
118cf7
           --with-fips140-module-name="$FIPS_MODULE_NAME" \
118cf7
           --with-fips140-module-version=%{version}-%{srpmhash} \
8b9ea0
%endif
8b9ea0
%if %{with gost}
8b9ea0
    	   --enable-gost \
8b9ea0
%else
8b9ea0
	   --disable-gost \
8b9ea0
%endif
8b9ea0
	   --enable-sha1-support \
8b9ea0
           --disable-static \
8b9ea0
           --disable-openssl-compatibility \
8b9ea0
           --disable-non-suiteb-curves \
8b9ea0
           --with-system-priority-file=%{_sysconfdir}/crypto-policies/back-ends/gnutls.config \
8b9ea0
           --with-default-trust-store-pkcs11="pkcs11:" \
8b9ea0
%if %{with tpm12}
8b9ea0
           --with-trousers-lib=%{_libdir}/libtspi.so.1 \
8b9ea0
%else
8b9ea0
           --without-tpm \
8b9ea0
%endif
118cf7
%if %{with tpm2}
118cf7
           --with-tpm2 \
118cf7
%else
118cf7
           --without-tpm2 \
118cf7
%endif
e79d4b
           --enable-ktls \
8b9ea0
           --htmldir=%{_docdir}/manual \
8b9ea0
%if %{with guile}
8b9ea0
           --enable-guile \
8b9ea0
           --with-guile-extension-dir=%{_libdir}/guile/2.2 \
8b9ea0
%else
8b9ea0
           --disable-guile \
8b9ea0
%endif
8b9ea0
%if %{with dane}
8b9ea0
           --with-unbound-root-key-file=/var/lib/unbound/root.key \
8b9ea0
           --enable-libdane \
8b9ea0
%else
8b9ea0
           --disable-libdane \
8b9ea0
%endif
e79d4b
%if %{with certificate_compression}
e79d4b
	   --with-zlib --with-brotli --with-zstd \
e79d4b
%else
e79d4b
	   --without-zlib --without-brotli --without-zstd \
e79d4b
%endif
8b9ea0
           --disable-rpath \
8b9ea0
           --with-default-priority-string="@SYSTEM"
8b9ea0
e79d4b
# build libgnutlsxx.so with older SONAME
e79d4b
make %{?_smp_mflags} V=1 CXX_LT_CURRENT=29 CXX_LT_REVISION=0 CXX_LT_AGE=1
8b9ea0
8b9ea0
%install
8b9ea0
make install DESTDIR=$RPM_BUILD_ROOT
e79d4b
e79d4b
# build libgnutlsxx.so with newer SONAME
e79d4b
pushd lib
e79d4b
rm -f libgnutlsxx.la
e79d4b
make %{?_smp_mflags} V=1
e79d4b
make install DESTDIR=$RPM_BUILD_ROOT
e79d4b
popd
e79d4b
touch doc/examples/ex-cxx
e79d4b
8b9ea0
make -C doc install-html DESTDIR=$RPM_BUILD_ROOT
e79d4b
8b9ea0
rm -f $RPM_BUILD_ROOT%{_infodir}/dir
8b9ea0
rm -f $RPM_BUILD_ROOT%{_libdir}/*.la
8b9ea0
rm -f $RPM_BUILD_ROOT%{_libdir}/guile/2.2/guile-gnutls*.a
8b9ea0
rm -f $RPM_BUILD_ROOT%{_libdir}/guile/2.2/guile-gnutls*.la
8b9ea0
%if %{without dane}
8b9ea0
rm -f $RPM_BUILD_ROOT%{_libdir}/pkgconfig/gnutls-dane.pc
8b9ea0
%endif
8b9ea0
e79d4b
%if %{with fips}
e79d4b
# doing it twice should be a no-op the second time,
e79d4b
# and this way we avoid redefining it and missing a future change
e79d4b
%{__spec_install_post}
e79d4b
./lib/fipshmac "$RPM_BUILD_ROOT%{_libdir}/libgnutls.so.30" > $RPM_BUILD_ROOT%{_libdir}/.gnutls.hmac
e79d4b
sed -i "s^$RPM_BUILD_ROOT/usr^^" $RPM_BUILD_ROOT%{_libdir}/.gnutls.hmac
e79d4b
%endif
e79d4b
e79d4b
%if %{with fips}
e79d4b
%define __spec_install_post \
e79d4b
	%{?__debug_package:%{__debug_install_post}} \
e79d4b
	%{__arch_install_post} \
e79d4b
	%{__os_install_post} \
e79d4b
%{nil}
e79d4b
%endif
e79d4b
8b9ea0
%find_lang gnutls
8b9ea0
8b9ea0
%check
e79d4b
%if %{with tests}
8b9ea0
make check %{?_smp_mflags} GNUTLS_SYSTEM_PRIORITY_FILE=/dev/null
e79d4b
%endif
8b9ea0
8b9ea0
%files -f gnutls.lang
8b9ea0
%{_libdir}/libgnutls.so.30*
8b9ea0
%if %{with fips}
e79d4b
%{_libdir}/.gnutls.hmac
8b9ea0
%endif
8b9ea0
%doc README.md AUTHORS NEWS THANKS
8b9ea0
%license LICENSE doc/COPYING doc/COPYING.LESSER
8b9ea0
8b9ea0
%files c++
8b9ea0
%{_libdir}/libgnutlsxx.so.*
8b9ea0
8b9ea0
%files devel
8b9ea0
%{_includedir}/*
8b9ea0
%{_libdir}/libgnutls*.so
8b9ea0
%{_libdir}/pkgconfig/*.pc
8b9ea0
%{_mandir}/man3/*
8b9ea0
%{_infodir}/gnutls*
8b9ea0
%{_infodir}/pkcs11-vision*
8b9ea0
%{_docdir}/manual/*
8b9ea0
8b9ea0
%files utils
8b9ea0
%{_bindir}/certtool
8b9ea0
%if %{with tpm12}
8b9ea0
%{_bindir}/tpmtool
8b9ea0
%endif
8b9ea0
%{_bindir}/ocsptool
8b9ea0
%{_bindir}/psktool
8b9ea0
%{_bindir}/p11tool
8b9ea0
%{_bindir}/srptool
8b9ea0
%if %{with dane}
8b9ea0
%{_bindir}/danetool
8b9ea0
%endif
8b9ea0
%{_bindir}/gnutls*
8b9ea0
%{_mandir}/man1/*
8b9ea0
%doc doc/certtool.cfg
8b9ea0
8b9ea0
%if %{with dane}
8b9ea0
%files dane
8b9ea0
%{_libdir}/libgnutls-dane.so.*
8b9ea0
%endif
8b9ea0
8b9ea0
%if %{with guile}
8b9ea0
%files guile
8b9ea0
%{_libdir}/guile/2.2/guile-gnutls*.so*
8b9ea0
%{_libdir}/guile/2.2/site-ccache/gnutls.go
8b9ea0
%{_libdir}/guile/2.2/site-ccache/gnutls/extra.go
8b9ea0
%{_datadir}/guile/site/2.2/gnutls.scm
8b9ea0
%{_datadir}/guile/site/2.2/gnutls/extra.scm
8b9ea0
%endif
8b9ea0
8b9ea0
%changelog
e79d4b
* Fri Aug 26 2022 Daiki Ueno <dueno@redhat.com> - 3.7.6-11
e79d4b
- Supply --with{,out}-{zlib,brotli,zstd} explicitly
e79d4b
e79d4b
* Thu Aug 25 2022 Daiki Ueno <dueno@redhat.com> - 3.7.6-10
e79d4b
- Revert nettle version pinning as it doesn't work well in side-tag
e79d4b
e79d4b
* Thu Aug 25 2022 Daiki Ueno <dueno@redhat.com> - 3.7.6-9
e79d4b
- Pin nettle version in Requires when compiled with FIPS
e79d4b
e79d4b
* Tue Aug 23 2022 Daiki Ueno <dueno@redhat.com> - 3.7.6-8
e79d4b
- Bundle GMP to privatize memory functions
e79d4b
- Disable certificate compression support by default
e79d4b
e79d4b
* Tue Aug 23 2022 Daiki Ueno <dueno@redhat.com> - 3.7.6-7
e79d4b
- Update gnutls-3.7.6-cpuid-fixes.patch
e79d4b
e79d4b
* Sat Aug 20 2022 Daiki Ueno <dueno@redhat.com> - 3.7.6-6
e79d4b
- Mark RSA SigVer operation approved for known modulus sizes (#2119770)
e79d4b
- accelerated: clear AVX bits if it cannot be queried through XSAVE
e79d4b
e79d4b
* Thu Aug  4 2022 Daiki Ueno <dueno@redhat.com> - 3.7.6-5
e79d4b
- Block DES-CBC usage in decrypting PKCS#12 bag under FIPS (#2115314)
e79d4b
- sysrng: reseed source DRBG for prediction resistance
e79d4b
e79d4b
* Fri Jul 29 2022 Daiki Ueno <dueno@redhat.com> - 3.7.6-4
e79d4b
- Make gnutls-cli work with KTLS for testing
e79d4b
- Fix double-free in gnutls_pkcs7_verify (#2109789)
e79d4b
e79d4b
* Mon Jul 25 2022 Daiki Ueno <dueno@redhat.com> - 3.7.6-3
e79d4b
- Limit input size for AES-GCM according to SP800-38D (#2108635)
e79d4b
- Do not treat GPG verification errors as fatal
e79d4b
- Remove gnutls-3.7.6-libgnutlsxx-const.patch
e79d4b
e79d4b
* Tue Jul 19 2022 Daiki Ueno <dueno@redhat.com> - 3.7.6-2
e79d4b
- Allow enabling KTLS with config file (#2108532)
e79d4b
e79d4b
* Fri Jul  1 2022 Daiki Ueno <dueno@redhat.com> - 3.7.6-1
e79d4b
- Update to gnutls 3.7.6 (#2102591)
e79d4b
e79d4b
* Thu Mar 31 2022 Daiki Ueno <dueno@redhat.com> - 3.7.3-10
e79d4b
- Use only the first component of VERSION from /etc/os-release (#2076626)
e79d4b
- Don't run power-on self-tests on DSA (#2076627)
e79d4b
5dccd1
* Fri Feb 25 2022 Daiki Ueno <dueno@redhat.com> - 3.7.3-9
5dccd1
- Stop using typeof keyword for tss2 function prototypes (#2057490)
5dccd1
- Ensure allowlist API is called before priority string construction (#1975421)
5dccd1
5dccd1
* Thu Feb 24 2022 Daiki Ueno <dueno@redhat.com> - 3.7.3-8
5dccd1
- Fix previous change for loading libtss2* (#2057490)
5dccd1
5dccd1
* Wed Feb 23 2022 Daiki Ueno <dueno@redhat.com> - 3.7.3-7
5dccd1
- Increase GNUTLS_MAX_ALGORITHM_NUM for allowlisting (#2033220)
5dccd1
- Ensure allowlisting API is called before priority string is constructed (#2042532)
5dccd1
- Use dlopen for loading libtss2* to avoid OpenSSL dependency (#2057490)
5dccd1
5dccd1
* Tue Feb 22 2022 Daiki Ueno <dueno@redhat.com> - 3.7.3-6
5dccd1
- Compile out GOST algorithm IDs (#1945292)
5dccd1
118cf7
* Thu Feb 17 2022 Zoltan Fridrich <zfridric@redhat.com> - 3.7.3-5
118cf7
- Fix upstream testsuite in fips mode (#2051637)
118cf7
118cf7
* Wed Feb 16 2022 Daiki Ueno <dueno@redhat.com> - 3.7.3-4
118cf7
- Specify FIPS140-3 module name and version
118cf7
- fips: allow a few more primes in RSA key generation
118cf7
- fips: tighten PKCS#12 algorithm checks
118cf7
- Correct return value of KTLS stub API
118cf7
118cf7
* Tue Feb 15 2022 Zoltan Fridrich <zfridric@redhat.com> - 3.7.3-3
118cf7
- Disable config reload in order to not break allowlisting (#2042532)
118cf7
118cf7
* Wed Feb  2 2022 Daiki Ueno <dueno@redhat.com> - 3.7.3-2
118cf7
- Build with TPM2 support, patch from Alexander Sosedkin (#2033220)
118cf7
118cf7
* Tue Jan 18 2022 Daiki Ueno <dueno@redhat.com> - 3.7.3-1
118cf7
- Update to gnutls 3.7.3 (#2033220)
118cf7
118cf7
* Wed Dec 22 2021 Daiki Ueno <dueno@redhat.com> - 3.7.2-10
118cf7
- Update gnutls_{hash,hmac}_copy man-pages as well (#1999639)
118cf7
118cf7
* Wed Dec 22 2021 Daiki Ueno <dueno@redhat.com> - 3.7.2-9
118cf7
- Drop support for GNUTLS_NO_EXPLICIT_INIT envvar in favor of
118cf7
  GNUTLS_NO_IMPLICIT_INIT (#1999639)
118cf7
- Expand documentation of gnutls_{hash,hmac}_copy, mentioning that
118cf7
  those do not always work (#1999639)
118cf7
118cf7
* Tue Dec 21 2021 Daiki Ueno <dueno@redhat.com> - 3.7.2-9
118cf7
- Fix race condition when resolving SYSTEM priority in allowlisting mode (#2012249)
118cf7
d7a338
* Thu Oct 21 2021 Daiki Ueno <dueno@redhat.com> - 3.7.2-8
d7a338
- Fix issues in bundled libopts, spotted by covscan (#1938730)
d7a338
d7a338
* Tue Oct 12 2021 Daiki Ueno <dueno@redhat.com> - 3.7.2-7
d7a338
- Enable Intel CET
d7a338
- Remove unnecessary CCASFLAGS setting for annocheck
d7a338
d7a338
* Thu Aug 19 2021 Daiki Ueno <dueno@redhat.com> - 3.7.2-6
d7a338
- Reorder doc/invoke-*.texi generation (#1975482)
d7a338
- Temporarily disable LTO for aarch64 and ppc64le
d7a338
d7a338
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 3.7.2-5
d7a338
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
d7a338
  Related: rhbz#1991688
d7a338
8b9ea0
* Mon Aug  2 2021 Daiki Ueno <dueno@redhat.com> - 3.7.2-4
8b9ea0
- Disable GOST cryptography by default (#1945292)
8b9ea0
- Tighten timestamp adjustment when not bootstrapping (#1975482)
8b9ea0
- Re-enable LTO (#1986143)
8b9ea0
8b9ea0
* Mon Jun 28 2021 Daiki Ueno <dueno@redhat.com> - 3.7.2-3
8b9ea0
- Enable allowlisting configuration mode (#1975421)
8b9ea0
8b9ea0
* Sat Jun 26 2021 Daiki Ueno <dueno@redhat.com> - 3.7.2-2
8b9ea0
- Remove %%defattr invocations which are no longer necessary
8b9ea0
- libpkcs11mock1.* is not installed anymore
8b9ea0
- hobble-gnutls: Remove SRP removal
8b9ea0
- Use correct source URL
8b9ea0
- Switch to using %%gpgverify macro
8b9ea0
8b9ea0
* Fri Jun 25 2021 Daiki Ueno <dueno@redhat.com> - 3.7.2-1
8b9ea0
- Update to upstream 3.7.2 release (#1966479)
8b9ea0
8b9ea0
* Tue Jun 22 2021 Mohan Boddu <mboddu@redhat.com> - 3.7.1-6
8b9ea0
- Rebuilt for RHEL 9 BETA for openssl 3.0
8b9ea0
  Related: rhbz#1971065
8b9ea0
8b9ea0
* Thu Jun  3 2021 Daiki Ueno <dueno@redhat.com> - 3.7.1-5
8b9ea0
- Fix typo in TPM 1.2 disablement (#1927370)
8b9ea0
8b9ea0
* Thu May 27 2021 Daiki Ueno <dueno@redhat.com> - 3.7.1-4
8b9ea0
- Disable TPM support by default (#1927370)
8b9ea0
8b9ea0
* Thu Apr 15 2021 Mohan Boddu <mboddu@redhat.com> - 3.7.1-3
8b9ea0
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
8b9ea0
8b9ea0
* Tue Mar 16 2021 Daiki Ueno <dueno@redhat.com> - 3.7.1-2
8b9ea0
- Restore fipscheck dependency
8b9ea0
8b9ea0
* Sat Mar 13 2021 Daiki Ueno <dueno@redhat.com> - 3.7.1-1
8b9ea0
- Update to upstream 3.7.1 release
8b9ea0
- Remove fipscheck dependency, as it is now calculated with an
8b9ea0
  internal tool
8b9ea0
8b9ea0
* Fri Mar  5 2021 Daiki Ueno <dueno@redhat.com> - 3.7.0-4
8b9ea0
- Tolerate duplicate certs in the chain also with PKCS #11 trust store
8b9ea0
8b9ea0
* Tue Mar  2 2021 Daiki Ueno <dueno@redhat.com> - 3.7.0-3
8b9ea0
- Reduce BRs for non-bootstrapping build
8b9ea0
8b9ea0
* Wed Feb 10 2021 Daiki Ueno <dueno@redhat.com> - 3.7.0-2
8b9ea0
- Tolerate duplicate certs in the chain
8b9ea0
8b9ea0
* Mon Feb  8 2021 Daiki Ueno <dueno@redhat.com> - 3.7.0-1
8b9ea0
- Update to upstream 3.7.0 release
8b9ea0
- Temporarily disable LTO
8b9ea0
8b9ea0
* Tue Jan 26 2021 Daiki Ueno <dueno@redhat.com> - 3.6.15-4
8b9ea0
- Fix broken tests on rawhide (#1908110)
8b9ea0
- Add BuildRequires: make (by Tom Stellard)
8b9ea0
8b9ea0
* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 3.6.15-3
8b9ea0
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
8b9ea0
8b9ea0
* Mon Sep 28 2020 Jeff Law <law@redhat.com> - 3.6.15-2
8b9ea0
- Re-enable LTO now that upstream GCC bugs have been fixed
8b9ea0
8b9ea0
* Fri Sep  4 2020 Daiki Ueno <dueno@redhat.com> - 3.6.15-1
8b9ea0
- Update to upstream 3.6.15 release
8b9ea0
8b9ea0
* Mon Aug 17 2020 Jeff Law <law@redhat.com> - 3.6.14-7
8b9ea0
- Disable LTO on ppc64le
8b9ea0
8b9ea0
* Tue Aug  4 2020 Daiki Ueno <dueno@redhat.com> - 3.6.14-6
8b9ea0
- Fix underlinking of libpthread
8b9ea0
8b9ea0
* Sat Aug 01 2020 Fedora Release Engineering <releng@fedoraproject.org> - 3.6.14-5
8b9ea0
- Second attempt - Rebuilt for
8b9ea0
  https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
8b9ea0
8b9ea0
* Mon Jul 27 2020 Fedora Release Engineering <releng@fedoraproject.org> - 3.6.14-4
8b9ea0
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
8b9ea0
8b9ea0
* Thu Jul 02 2020 Anderson Sasaki <ansasaki@redhat.com> - 3.6.14-3
8b9ea0
- Rebuild with autogen built with guile-2.2 (#1852706)
8b9ea0
8b9ea0
* Tue Jun 09 2020 Anderson Sasaki <ansasaki@redhat.com> - 3.6.14-2
8b9ea0
- Fix memory leak when serializing iovec_t (#1845083)
8b9ea0
- Fix automatic libraries sonames detection (#1845806)
8b9ea0
8b9ea0
* Thu Jun  4 2020 Daiki Ueno <dueno@redhat.com> - 3.6.14-1
8b9ea0
- Update to upstream 3.6.14 release
8b9ea0
8b9ea0
* Sun May 31 2020 Daiki Ueno <dueno@redhat.com> - 3.6.13-6
8b9ea0
- Update gnutls-3.6.13-superseding-chain.patch
8b9ea0
8b9ea0
* Sun May 31 2020 Daiki Ueno <dueno@redhat.com> - 3.6.13-5
8b9ea0
- Fix cert chain validation behavior if the last cert has expired (#1842178)
8b9ea0
8b9ea0
* Mon May 25 2020 Anderson Sasaki <ansasaki@redhat.com> - 3.6.13-4
8b9ea0
- Add option to gnutls-cli to wait for resumption under TLS 1.3
8b9ea0
8b9ea0
* Tue May 19 2020 Anderson Sasaki <ansasaki@redhat.com> - 3.6.13-3
8b9ea0
- Disable RSA blinding during FIPS self-tests
8b9ea0
8b9ea0
* Thu May 14 2020 Anderson Sasaki <ansasaki@redhat.com> - 3.6.13-2
8b9ea0
- Bump linked libraries soname to fix FIPS selftests (#1835265)
8b9ea0
8b9ea0
* Tue Mar 31 2020 Daiki Ueno <dueno@redhat.com> - 3.6.13-1
8b9ea0
- Update to upstream 3.6.13 release
8b9ea0
8b9ea0
* Thu Mar 26 2020 Anderson Sasaki <ansasaki@redhat.com> - 3.6.12-2
8b9ea0
- Fix FIPS POST (#1813384)
8b9ea0
- Fix gnutls-serv --echo to not exit when a message is received (#1816583)
8b9ea0
8b9ea0
* Sun Feb 02 2020 Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com> - 3.6.12-1
8b9ea0
- Update to upstream 3.6.12 release
8b9ea0
8b9ea0
* Tue Jan 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 3.6.11-2
8b9ea0
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
8b9ea0
8b9ea0
* Mon Dec 02 2019 Nikos Mavrogiannopoulos <nmav@gnutls.org> - 3.6.11-1
8b9ea0
- Update to upstream 3.6.11 release
8b9ea0
8b9ea0
* Sun Sep 29 2019 Nikos Mavrogiannopoulos <nmav@gnutls.org> - 3.6.10-1
8b9ea0
- Update to upstream 3.6.10 release
8b9ea0
8b9ea0
* Fri Jul 26 2019 Nikos Mavrogiannopoulos <nmav@gnutls.org> - 3.6.9-1
8b9ea0
- Update to upstream 3.6.9 release
8b9ea0
8b9ea0
* Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 3.6.8-3
8b9ea0
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
8b9ea0
8b9ea0
* Mon Jul 15 2019 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.6.8-2
8b9ea0
- Rebuilt with guile-2.2
8b9ea0
8b9ea0
* Tue May 28 2019 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.6.8-1
8b9ea0
- Update to upstream 3.6.8 release
8b9ea0
8b9ea0
* Wed Mar 27 2019 Anderson Toshiyuki Sasaki <ansasaki@redhat.com> - 3.6.7-1
8b9ea0
- Update to upstream 3.6.7 release
8b9ea0
- Fixed CVE-2019-3836 (#1693214)
8b9ea0
- Fixed CVE-2019-3829 (#1693210)
8b9ea0
8b9ea0
* Fri Feb  1 2019 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.6.6-1
8b9ea0
- Update to upstream 3.6.6 release
8b9ea0
8b9ea0
* Thu Jan 31 2019 Fedora Release Engineering <releng@fedoraproject.org> - 3.6.5-3
8b9ea0
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
8b9ea0
8b9ea0
* Fri Jan 11 2019 Anderson Toshiyuki Sasaki <ansasaki@redhat.com> - 3.6.5-2
8b9ea0
- Added explicit Requires for nettle >= 3.4.1
8b9ea0
8b9ea0
* Tue Dec 11 2018 Anderson Toshiyuki Sasaki <ansasaki@redhat.com> - 3.6.5-1
8b9ea0
- Update to upstream 3.6.5 release
8b9ea0
8b9ea0
* Mon Oct 29 2018 James Antill <james.antill@redhat.com> - 3.6.4-5
8b9ea0
- Remove ldconfig scriptlet, now done via. transfiletrigger in glibc.
8b9ea0
8b9ea0
* Wed Oct 17 2018 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.6.4-4
8b9ea0
- Fix issue with rehandshake affecting glib-networking (#1634736)
8b9ea0
8b9ea0
* Tue Oct 16 2018 Tomáš Mráz <tmraz@redhat.com> - 3.6.4-3
8b9ea0
- Add missing annobin notes for assembler sources
8b9ea0
8b9ea0
* Tue Oct 09 2018 Petr Menšík <pemensik@redhat.com> - 3.6.4-2
8b9ea0
- Rebuilt for unbound 1.8
8b9ea0
8b9ea0
* Tue Sep 25 2018 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.6.4-1
8b9ea0
- Updated to upstream 3.6.4 release
8b9ea0
- Added support for the latest version of the TLS1.3 protocol
8b9ea0
- Enabled SHA1 support as SHA1 deprecation is handled via the
8b9ea0
  fedora crypto policies.
8b9ea0
8b9ea0
* Thu Aug 16 2018 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.6.3-4
8b9ea0
- Fixed gnutls-cli input reading
8b9ea0
- Ensure that we do not cause issues with version rollback detection
8b9ea0
  and TLS1.3.
8b9ea0
8b9ea0
* Tue Aug 07 2018 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.6.3-3
8b9ea0
- Fixed ECDSA public key import (#1612803)
8b9ea0
8b9ea0
* Thu Jul 26 2018 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.6.3-2
8b9ea0
- Backported regression fixes from 3.6.2
8b9ea0
8b9ea0
* Mon Jul 16 2018 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.6.3-1
8b9ea0
- Update to upstream 3.6.3 release
8b9ea0
8b9ea0
* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 3.6.2-5
8b9ea0
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
8b9ea0
8b9ea0
* Wed Jun 13 2018 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.6.2-4
8b9ea0
- Enable FIPS140-2 mode in Fedora
8b9ea0
8b9ea0
* Wed Jun 06 2018 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.6.2-3
8b9ea0
- Update to upstream 3.6.2 release
8b9ea0
8b9ea0
* Fri May 25 2018 David Abdurachmanov <david.abdurachmanov@gmail.com> - 3.6.2-2
8b9ea0
- Add missing BuildRequires: gnupg2 for gpgv2 in %%prep
8b9ea0
8b9ea0
* Fri Feb 16 2018 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.6.2-1
8b9ea0
- Update to upstream 3.6.2 release
8b9ea0
8b9ea0
* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 3.6.1-5
8b9ea0
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
8b9ea0
8b9ea0
* Fri Feb  2 2018 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.6.1-4
8b9ea0
- Rebuilt to address incompatibility with new nettle
8b9ea0
8b9ea0
* Thu Nov 30 2017 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.6.1-3
8b9ea0
- Corrected regression from 3.6.1-2 which prevented the loading of
8b9ea0
  arbitrary p11-kit modules (#1507402)
8b9ea0
8b9ea0
* Mon Nov  6 2017 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.6.1-2
8b9ea0
- Prevent the loading of all PKCS#11 modules on certificate verification
8b9ea0
  but only restrict to p11-kit trust module (#1507402)
8b9ea0
8b9ea0
* Sat Oct 21 2017 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.6.1-1
8b9ea0
- Update to upstream 3.6.1 release
8b9ea0
8b9ea0
* Mon Aug 21 2017 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.6.0-1
8b9ea0
- Update to upstream 3.6.0 release
8b9ea0
8b9ea0
* Wed Aug 02 2017 Fedora Release Engineering <releng@fedoraproject.org> - 3.5.14-3
8b9ea0
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
8b9ea0
8b9ea0
* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 3.5.14-2
8b9ea0
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
8b9ea0
8b9ea0
* Tue Jul 04 2017 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.5.14-1
8b9ea0
- Update to upstream 3.5.14 release
8b9ea0
8b9ea0
* Wed Jun 07 2017 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.5.13-1
8b9ea0
- Update to upstream 3.5.13 release
8b9ea0
8b9ea0
* Thu May 11 2017 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.5.12-2
8b9ea0
- Fix issue with p11-kit-trust arch dependency
8b9ea0
8b9ea0
* Thu May 11 2017 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.5.12-1
8b9ea0
- Update to upstream 3.5.12 release
8b9ea0
8b9ea0
* Fri Apr 07 2017 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.5.11-1
8b9ea0
- Update to upstream 3.5.11 release
8b9ea0
8b9ea0
* Mon Mar 06 2017 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.5.10-1
8b9ea0
- Update to upstream 3.5.10 release
8b9ea0
8b9ea0
* Wed Feb 15 2017 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.5.9-2
8b9ea0
- Work around missing pkg-config file (#1422256)
8b9ea0
8b9ea0
* Tue Feb 14 2017 Nikos Mavrogiannopoulos <nmav@redhat.com> - 3.5.9-1
8b9ea0
- Update to upstream 3.5.9 release
8b9ea0
8b9ea0
* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 3.5.8-3
8b9ea0
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
8b9ea0
8b9ea0
* Sat Feb  4 2017 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.5.8-2
8b9ea0
- Added patch fix initialization issue in gnutls_pkcs11_obj_list_import_url4
8b9ea0
8b9ea0
* Mon Jan  9 2017 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.5.8-1
8b9ea0
- New upstream release
8b9ea0
8b9ea0
* Tue Dec 13 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.5.7-3
8b9ea0
- Fix PKCS#8 file loading (#1404084)
8b9ea0
8b9ea0
* Thu Dec  8 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.5.7-1
8b9ea0
- New upstream release
8b9ea0
8b9ea0
* Fri Nov  4 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.5.6-1
8b9ea0
- New upstream release
8b9ea0
8b9ea0
* Tue Oct 11 2016 walters@redhat.com - 3.5.5-2
8b9ea0
- Apply patch to fix compatibility with ostree (#1383708)
8b9ea0
8b9ea0
* Mon Oct 10 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.5.5-1
8b9ea0
- New upstream release
8b9ea0
8b9ea0
* Thu Sep  8 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.5.4-1
8b9ea0
- New upstream release
8b9ea0
8b9ea0
* Mon Aug 29 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.5.3-2
8b9ea0
- Work around #1371082 for x86
8b9ea0
- Fixed issue with DTLS sliding window implementation (#1370881)
8b9ea0
8b9ea0
* Tue Aug  9 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.5.3-1
8b9ea0
- New upstream release
8b9ea0
8b9ea0
* Wed Jul  6 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.5.2-1
8b9ea0
- New upstream release
8b9ea0
8b9ea0
* Wed Jun 15 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.5.1-1
8b9ea0
- New upstream release
8b9ea0
8b9ea0
* Tue Jun  7 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.4.13-1
8b9ea0
- New upstream release (#1343258)
8b9ea0
- Addresses issue with setuid programs introduced in 3.4.12 (#1343342)
8b9ea0
8b9ea0
* Fri May 20 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.4.12-1
8b9ea0
- New upstream release
8b9ea0
8b9ea0
* Mon Apr 11 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.4.11-1
8b9ea0
- New upstream release
8b9ea0
8b9ea0
* Fri Mar  4 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.4.10-1
8b9ea0
- New upstream release (#1314576)
8b9ea0
8b9ea0
* Wed Feb  3 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.4.9-1
8b9ea0
- Fix broken key usage flags introduced in 3.4.8 (#1303355)
8b9ea0
8b9ea0
* Mon Jan 11 2016 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.4.8-1
8b9ea0
- New upstream release (#1297079)
8b9ea0
8b9ea0
* Mon Nov 23 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.4.7-1
8b9ea0
- New upstream release (#1284300)
8b9ea0
- Documentation updates (#1282864)
8b9ea0
- Adds interface to set unique IDs in certificates (#1281343)
8b9ea0
- Allow arbitrary key sizes with ARCFOUR (#1284401)
8b9ea0
8b9ea0
* Wed Oct 21 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.4.6-1
8b9ea0
- New upstream release (#1273672)
8b9ea0
- Enhances p11tool to write CKA_ISSUER and CKA_SERIAL_NUMBER (#1272178)
8b9ea0
8b9ea0
* Tue Oct 20 2015 Adam Williamson <awilliam@redhat.com> - 3.4.5-2
8b9ea0
- fix interaction with Chrome 45+ (master secret extension) (#1273102)
8b9ea0
8b9ea0
* Mon Sep 14 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.4.5-1
8b9ea0
- New upstream release (#1252192)
8b9ea0
- Eliminates hard limits on CRL parsing of certtool.
8b9ea0
8b9ea0
* Mon Aug 10 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.4.4-1
8b9ea0
- new upstream release
8b9ea0
- no longer requires trousers patch
8b9ea0
- fixes issue in gnutls_x509_privkey_import (#1250020)
8b9ea0
8b9ea0
* Mon Jul 13 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.4.3-2
8b9ea0
- Don't link against trousers but rather dlopen() it when available.
8b9ea0
  That avoids a dependency on openssl by the main library.
8b9ea0
8b9ea0
* Mon Jul 13 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.4.3-1
8b9ea0
- new upstream release
8b9ea0
8b9ea0
* Thu Jul 02 2015 Adam Jackson <ajax@redhat.com> 3.4.2-3
8b9ea0
- Only disable -z now for the guile modules
8b9ea0
8b9ea0
* Thu Jun 18 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.4.2-2
8b9ea0
- rename the symbol version for internal symbols to avoid clashes
8b9ea0
  with 3.3.x.
8b9ea0
8b9ea0
* Wed Jun 17 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.4.2-1
8b9ea0
- new upstream release
8b9ea0
8b9ea0
* Tue May  5 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.4.1-2
8b9ea0
- Provide missing GNUTLS_SUPPLEMENTAL_USER_MAPPING_DATA definition
8b9ea0
8b9ea0
* Mon May  4 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.4.1-1
8b9ea0
- new upstream release
8b9ea0
8b9ea0
* Sat May 02 2015 Kalev Lember <kalevlember@gmail.com> - 3.3.14-2
8b9ea0
- Rebuilt for GCC 5 C++11 ABI change
8b9ea0
8b9ea0
* Mon Mar 30 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.14-1
8b9ea0
- new upstream release
8b9ea0
- improved BER decoding of PKCS #12 structures (#1131461)
8b9ea0
8b9ea0
* Fri Mar  6 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.13-3
8b9ea0
- Build with hardened flags
8b9ea0
- Removed -Wl,--no-add-needed linker flag
8b9ea0
8b9ea0
* Fri Feb 27 2015 Till Maas <opensource@till.name> - 3.3.13-2
8b9ea0
- Do not build with hardened flags
8b9ea0
8b9ea0
* Thu Feb 26 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.13-1
8b9ea0
- new upstream release
8b9ea0
8b9ea0
* Sat Feb 21 2015 Till Maas <opensource@till.name> - 3.3.12-3
8b9ea0
- Make build verbose
8b9ea0
- Use %%license
8b9ea0
8b9ea0
* Sat Feb 21 2015 Till Maas <opensource@till.name> - 3.3.12-2
8b9ea0
- Rebuilt for Fedora 23 Change
8b9ea0
  https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code
8b9ea0
8b9ea0
* Mon Jan 19 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.12-1
8b9ea0
- new upstream release
8b9ea0
8b9ea0
* Mon Jan  5 2015 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.11-2
8b9ea0
- enabled guile bindings (#1177847)
8b9ea0
8b9ea0
* Thu Dec 11 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.11-1
8b9ea0
- new upstream release
8b9ea0
8b9ea0
* Mon Nov 10 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.10-1
8b9ea0
- new upstream release
8b9ea0
8b9ea0
* Thu Oct 23 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.9-2
8b9ea0
- applied fix for issue in get-issuer (#1155901)
8b9ea0
8b9ea0
* Mon Oct 13 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.9-1
8b9ea0
- new upstream release
8b9ea0
8b9ea0
* Fri Sep 19 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.8-2
8b9ea0
- strip rpath from library
8b9ea0
8b9ea0
* Thu Sep 18 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.8-1
8b9ea0
- new upstream release
8b9ea0
8b9ea0
* Mon Aug 25 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.7-1
8b9ea0
- new upstream release
8b9ea0
8b9ea0
* Sat Aug 16 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 3.3.6-2
8b9ea0
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
8b9ea0
8b9ea0
* Wed Jul 23 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.6-1
8b9ea0
- new upstream release
8b9ea0
8b9ea0
* Tue Jul 01 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.5-2
8b9ea0
- Added work-around for s390 builds with gcc 4.9 (#1102324)
8b9ea0
8b9ea0
* Mon Jun 30 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.5-1
8b9ea0
- new upstream release
8b9ea0
8b9ea0
* Tue Jun 17 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.4-3
8b9ea0
- explicitly depend on p11-kit-trust
8b9ea0
8b9ea0
* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 3.3.4-2
8b9ea0
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
8b9ea0
8b9ea0
* Mon Jun 02 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.4-1
8b9ea0
- new upstream release
8b9ea0
8b9ea0
* Fri May 30 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.3-1
8b9ea0
- new upstream release
8b9ea0
8b9ea0
* Wed May 21 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.2-2
8b9ea0
- Require crypto-policies
8b9ea0
8b9ea0
* Fri May 09 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.2-1
8b9ea0
- new upstream release
8b9ea0
8b9ea0
* Mon May 05 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.1-4
8b9ea0
- Replaced /etc/crypto-profiles/apps with /etc/crypto-policies/back-ends.
8b9ea0
- Added support for "very weak" profile.
8b9ea0
8b9ea0
* Mon Apr 28 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.1-2
8b9ea0
- gnutls_global_deinit() will not do anything if the previous 
8b9ea0
  initialization has failed (#1091053)
8b9ea0
8b9ea0
* Mon Apr 28 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.1-1
8b9ea0
- new upstream release
8b9ea0
8b9ea0
* Mon Apr 14 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.3.0-1
8b9ea0
- new upstream release
8b9ea0
8b9ea0
* Tue Apr 08 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.2.13-1
8b9ea0
- new upstream release
8b9ea0
8b9ea0
* Wed Mar 05 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.2.12.1-1
8b9ea0
- new upstream release
8b9ea0
8b9ea0
* Mon Mar 03 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.2.12-1
8b9ea0
- new upstream release
8b9ea0
8b9ea0
* Mon Feb 03 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.2.10-2
8b9ea0
- use p11-kit trust store for certificate verification
8b9ea0
8b9ea0
* Mon Feb 03 2014 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.2.10-1
8b9ea0
- new upstream release
8b9ea0
8b9ea0
* Tue Jan 14 2014 Tomáš Mráz <tmraz@redhat.com> 3.2.8-2
8b9ea0
- build the crywrap tool
8b9ea0
8b9ea0
* Mon Dec 23 2013 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.2.8-1
8b9ea0
- new upstream release
8b9ea0
8b9ea0
* Wed Dec  4 2013 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.2.7-2
8b9ea0
- Use the correct root key for unbound /var/lib/unbound/root.key (#1012494)
8b9ea0
- Pull asm fixes from upstream (#973210)
8b9ea0
8b9ea0
* Mon Nov 25 2013 Nikos Mavrogiannopoulos <nmav@redhat.com> 3.2.7-1
8b9ea0
- new upstream release
8b9ea0
- added dependency to autogen-libopts-devel to use the system's
8b9ea0
  libopts library
8b9ea0
- added dependency to trousers-devel to enable TPM support
8b9ea0
8b9ea0
* Mon Nov  4 2013 Tomáš Mráz <tmraz@redhat.com> 3.1.16-1
8b9ea0
- new upstream release
8b9ea0
- fixes CVE-2013-4466 off-by-one in dane_query_tlsa()
8b9ea0
8b9ea0
* Fri Oct 25 2013 Tomáš Mráz <tmraz@redhat.com> 3.1.15-1
8b9ea0
- new upstream release
8b9ea0
- fixes CVE-2013-4466 buffer overflow in handling DANE entries
8b9ea0
8b9ea0
* Wed Oct 16 2013 Tomáš Mráz <tmraz@redhat.com> 3.1.13-3
8b9ea0
- enable ECC NIST Suite B curves
8b9ea0
8b9ea0
* Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 3.1.13-2
8b9ea0
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
8b9ea0
8b9ea0
* Mon Jul 15 2013 Tomáš Mráz <tmraz@redhat.com> 3.1.13-1
8b9ea0
- new upstream release
8b9ea0
8b9ea0
* Mon May 13 2013 Tomáš Mráz <tmraz@redhat.com> 3.1.11-1
8b9ea0
- new upstream release
8b9ea0
8b9ea0
* Mon Mar 25 2013 Tomas Mraz <tmraz@redhat.com> 3.1.10-1
8b9ea0
- new upstream release
8b9ea0
- license of the library is back to LGPLv2.1+
8b9ea0
8b9ea0
* Fri Mar 15 2013 Tomas Mraz <tmraz@redhat.com> 3.1.9-1
8b9ea0
- new upstream release
8b9ea0
8b9ea0
* Thu Mar  7 2013 Tomas Mraz <tmraz@redhat.com> 3.1.8-3
8b9ea0
- drop the temporary old library
8b9ea0
8b9ea0
* Tue Feb 26 2013 Tomas Mraz <tmraz@redhat.com> 3.1.8-2
8b9ea0
- don't send ECC algos as supported (#913797)
8b9ea0
8b9ea0
* Thu Feb 21 2013 Tomas Mraz <tmraz@redhat.com> 3.1.8-1
8b9ea0
- new upstream version
8b9ea0
8b9ea0
* Wed Feb  6 2013 Tomas Mraz <tmraz@redhat.com> 3.1.7-1
8b9ea0
- new upstream version, requires rebuild of dependencies
8b9ea0
- this release temporarily includes old compatibility .so
8b9ea0
8b9ea0
* Tue Feb  5 2013 Tomas Mraz <tmraz@redhat.com> 2.12.22-2
8b9ea0
- rebuilt with new libtasn1
8b9ea0
- make guile bindings optional - breaks i686 build and there is
8b9ea0
  no dependent package
8b9ea0
8b9ea0
* Tue Jan  8 2013 Tomas Mraz <tmraz@redhat.com> 2.12.22-1
8b9ea0
- new upstream version
8b9ea0
8b9ea0
* Wed Nov 28 2012 Tomas Mraz <tmraz@redhat.com> 2.12.21-2
8b9ea0
- use RSA bit sizes supported by libgcrypt in FIPS mode for security
8b9ea0
  levels (#879643)
8b9ea0
8b9ea0
* Fri Nov  9 2012 Tomas Mraz <tmraz@redhat.com> 2.12.21-1
8b9ea0
- new upstream version
8b9ea0
8b9ea0
* Thu Nov  1 2012 Tomas Mraz <tmraz@redhat.com> 2.12.20-4
8b9ea0
- negotiate only FIPS approved algorithms in the FIPS mode (#871826)
8b9ea0
8b9ea0
* Wed Aug  8 2012 Tomas Mraz <tmraz@redhat.com> 2.12.20-3
8b9ea0
- fix the gnutls-cli-debug manpage - patch by Peter Schiffer
8b9ea0
8b9ea0
* Thu Jul 19 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.12.20-2
8b9ea0
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
8b9ea0
8b9ea0
* Mon Jun 18 2012 Tomas Mraz <tmraz@redhat.com> 2.12.20-1
8b9ea0
- new upstream version
8b9ea0
8b9ea0
* Fri May 18 2012 Tomas Mraz <tmraz@redhat.com> 2.12.19-1
8b9ea0
- new upstream version
8b9ea0
8b9ea0
* Thu Mar 29 2012 Tomas Mraz <tmraz@redhat.com> 2.12.18-1
8b9ea0
- new upstream version
8b9ea0
8b9ea0
* Thu Mar  8 2012 Tomas Mraz <tmraz@redhat.com> 2.12.17-1
8b9ea0
- new upstream version
8b9ea0
- fix leaks in key generation (#796302)
8b9ea0
8b9ea0
* Fri Feb 03 2012 Kevin Fenzi <kevin@scrye.com> - 2.12.14-3
8b9ea0
- Disable largefile on arm arch. (#787287)
8b9ea0
8b9ea0
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.12.14-2
8b9ea0
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
8b9ea0
8b9ea0
* Tue Nov  8 2011 Tomas Mraz <tmraz@redhat.com> 2.12.14-1
8b9ea0
- new upstream version
8b9ea0
8b9ea0
* Mon Oct 24 2011 Tomas Mraz <tmraz@redhat.com> 2.12.12-1
8b9ea0
- new upstream version
8b9ea0
8b9ea0
* Thu Sep 29 2011 Tomas Mraz <tmraz@redhat.com> 2.12.11-1
8b9ea0
- new upstream version
8b9ea0
8b9ea0
* Fri Aug 26 2011 Tomas Mraz <tmraz@redhat.com> 2.12.9-1
8b9ea0
- new upstream version
8b9ea0
8b9ea0
* Tue Aug 16 2011 Tomas Mraz <tmraz@redhat.com> 2.12.8-1
8b9ea0
- new upstream version
8b9ea0
8b9ea0
* Mon Jul 25 2011 Tomas Mraz <tmraz@redhat.com> 2.12.7-2
8b9ea0
- fix problem when using new libgcrypt
8b9ea0
- split libgnutlsxx to a subpackage (#455146)
8b9ea0
- drop libgnutls-openssl (#460310)
8b9ea0
8b9ea0
* Tue Jun 21 2011 Tomas Mraz <tmraz@redhat.com> 2.12.7-1
8b9ea0
- new upstream version
8b9ea0
8b9ea0
* Mon May  9 2011 Tomas Mraz <tmraz@redhat.com> 2.12.4-1
8b9ea0
- new upstream version
8b9ea0
8b9ea0
* Tue Apr 26 2011 Tomas Mraz <tmraz@redhat.com> 2.12.3-1
8b9ea0
- new upstream version
8b9ea0
8b9ea0
* Mon Apr 18 2011 Tomas Mraz <tmraz@redhat.com> 2.12.2-1
8b9ea0
- new upstream version
8b9ea0
8b9ea0
* Thu Mar  3 2011 Tomas Mraz <tmraz@redhat.com> 2.10.5-1
8b9ea0
- new upstream version
8b9ea0
8b9ea0
* Tue Feb 08 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.10.4-2
8b9ea0
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
8b9ea0
8b9ea0
* Wed Dec  8 2010 Tomas Mraz <tmraz@redhat.com> 2.10.4-1
8b9ea0
- new upstream version
8b9ea0
8b9ea0
* Thu Dec  2 2010 Tomas Mraz <tmraz@redhat.com> 2.10.3-2
8b9ea0
- fix buffer overflow in gnutls-serv (#659259)
8b9ea0
8b9ea0
* Fri Nov 19 2010 Tomas Mraz <tmraz@redhat.com> 2.10.3-1
8b9ea0
- new upstream version
8b9ea0
8b9ea0
* Thu Sep 30 2010 Tomas Mraz <tmraz@redhat.com> 2.10.2-1
8b9ea0
- new upstream version
8b9ea0
8b9ea0
* Wed Sep 29 2010 jkeating - 2.10.1-4
8b9ea0
- Rebuilt for gcc bug 634757
8b9ea0
8b9ea0
* Thu Sep 23 2010 Tomas Mraz <tmraz@redhat.com> 2.10.1-3
8b9ea0
- more patching for internal errors regression (#629858)
8b9ea0
  patch by Vivek Dasmohapatra
8b9ea0
8b9ea0
* Tue Sep 21 2010 Tomas Mraz <tmraz@redhat.com> 2.10.1-2
8b9ea0
- backported patch from upstream git hopefully fixing internal errors
8b9ea0
  (#629858)
8b9ea0
8b9ea0
* Wed Aug  4 2010 Tomas Mraz <tmraz@redhat.com> 2.10.1-1
8b9ea0
- new upstream version
8b9ea0
8b9ea0
* Wed Jun  2 2010 Tomas Mraz <tmraz@redhat.com> 2.8.6-2
8b9ea0
- add support for safe renegotiation CVE-2009-3555 (#533125)
8b9ea0
8b9ea0
* Wed May 12 2010 Tomas Mraz <tmraz@redhat.com> 2.8.6-1
8b9ea0
- upgrade to a new upstream version
8b9ea0
8b9ea0
* Mon Feb 15 2010 Rex Dieter <rdieter@fedoraproject.org> 2.8.5-4
8b9ea0
- FTBFS gnutls-2.8.5-3.fc13: ImplicitDSOLinking (#564624)
8b9ea0
8b9ea0
* Thu Jan 28 2010 Tomas Mraz <tmraz@redhat.com> 2.8.5-3
8b9ea0
- drop superfluous rpath from binaries
8b9ea0
- do not call autoreconf during build
8b9ea0
- specify the license on utils subpackage
8b9ea0
8b9ea0
* Mon Jan 18 2010 Tomas Mraz <tmraz@redhat.com> 2.8.5-2
8b9ea0
- do not create static libraries (#556052)
8b9ea0
8b9ea0
* Mon Nov  2 2009 Tomas Mraz <tmraz@redhat.com> 2.8.5-1
8b9ea0
- upgrade to a new upstream version
8b9ea0
8b9ea0
* Wed Sep 23 2009 Tomas Mraz <tmraz@redhat.com> 2.8.4-1
8b9ea0
- upgrade to a new upstream version
8b9ea0
8b9ea0
* Fri Aug 14 2009 Tomas Mraz <tmraz@redhat.com> 2.8.3-1
8b9ea0
- upgrade to a new upstream version
8b9ea0
8b9ea0
* Fri Jul 24 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.8.1-2
8b9ea0
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
8b9ea0
8b9ea0
* Wed Jun 10 2009 Tomas Mraz <tmraz@redhat.com> 2.8.1-1
8b9ea0
- upgrade to a new upstream version
8b9ea0
8b9ea0
* Wed Jun  3 2009 Tomas Mraz <tmraz@redhat.com> 2.8.0-1
8b9ea0
- upgrade to a new upstream version
8b9ea0
8b9ea0
* Mon May  4 2009 Tomas Mraz <tmraz@redhat.com> 2.6.6-1
8b9ea0
- upgrade to a new upstream version - security fixes
8b9ea0
8b9ea0
* Tue Apr 14 2009 Tomas Mraz <tmraz@redhat.com> 2.6.5-1
8b9ea0
- upgrade to a new upstream version, minor bugfixes only
8b9ea0
8b9ea0
* Fri Mar  6 2009 Tomas Mraz <tmraz@redhat.com> 2.6.4-1
8b9ea0
- upgrade to a new upstream version
8b9ea0
8b9ea0
* Tue Feb 24 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.6.3-2
8b9ea0
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
8b9ea0
8b9ea0
* Mon Dec 15 2008 Tomas Mraz <tmraz@redhat.com> 2.6.3-1
8b9ea0
- upgrade to a new upstream version
8b9ea0
8b9ea0
* Thu Dec  4 2008 Tomas Mraz <tmraz@redhat.com> 2.6.2-1
8b9ea0
- upgrade to a new upstream version
8b9ea0
8b9ea0
* Tue Nov 11 2008 Tomas Mraz <tmraz@redhat.com> 2.4.2-3
8b9ea0
- fix chain verification issue CVE-2008-4989 (#470079)
8b9ea0
8b9ea0
* Thu Sep 25 2008 Tomas Mraz <tmraz@redhat.com> 2.4.2-2
8b9ea0
- add guile subpackage (#463735)
8b9ea0
- force new libtool through autoreconf to drop unnecessary rpaths
8b9ea0
8b9ea0
* Tue Sep 23 2008 Tomas Mraz <tmraz@redhat.com> 2.4.2-1
8b9ea0
- new upstream version
8b9ea0
8b9ea0
* Tue Jul  1 2008 Tomas Mraz <tmraz@redhat.com> 2.4.1-1
8b9ea0
- new upstream version
8b9ea0
- correct the license tag
8b9ea0
- explicit --with-included-opencdk not needed
8b9ea0
- use external lzo library, internal not included anymore
8b9ea0
8b9ea0
* Tue Jun 24 2008 Tomas Mraz <tmraz@redhat.com> 2.4.0-1
8b9ea0
- upgrade to latest upstream
8b9ea0
8b9ea0
* Tue May 20 2008 Tomas Mraz <tmraz@redhat.com> 2.0.4-3
8b9ea0
- fix three security issues in gnutls handshake - GNUTLS-SA-2008-1
8b9ea0
  (#447461, #447462, #447463)
8b9ea0
8b9ea0
* Mon Feb  4 2008 Joe Orton <jorton@redhat.com> 2.0.4-2
8b9ea0
- use system libtasn1
8b9ea0
8b9ea0
* Tue Dec  4 2007 Tomas Mraz <tmraz@redhat.com> 2.0.4-1
8b9ea0
- upgrade to latest upstream
8b9ea0
8b9ea0
* Tue Aug 21 2007 Tomas Mraz <tmraz@redhat.com> 1.6.3-2
8b9ea0
- license tag fix
8b9ea0
8b9ea0
* Wed Jun  6 2007 Tomas Mraz <tmraz@redhat.com> 1.6.3-1
8b9ea0
- upgrade to latest upstream (#232445)
8b9ea0
8b9ea0
* Tue Apr 10 2007 Tomas Mraz <tmraz@redhat.com> 1.4.5-2
8b9ea0
- properly require install-info (patch by Ville Skyttä)
8b9ea0
- standard buildroot and use dist tag
8b9ea0
- add COPYING and README to doc
8b9ea0
8b9ea0
* Wed Feb  7 2007 Tomas Mraz <tmraz@redhat.com> 1.4.5-1
8b9ea0
- new upstream version
8b9ea0
- drop libtermcap-devel from buildrequires
8b9ea0
8b9ea0
* Thu Sep 14 2006 Tomas Mraz <tmraz@redhat.com> 1.4.1-2
8b9ea0
- detect forged signatures - CVE-2006-4790 (#206411), patch
8b9ea0
  from upstream
8b9ea0
8b9ea0
* Tue Jul 18 2006 Tomas Mraz <tmraz@redhat.com> - 1.4.1-1
8b9ea0
- upgrade to new upstream version, only minor changes
8b9ea0
8b9ea0
* Wed Jul 12 2006 Jesse Keating <jkeating@redhat.com> - 1.4.0-1.1
8b9ea0
- rebuild
8b9ea0
8b9ea0
* Wed Jun 14 2006 Tomas Mraz <tmraz@redhat.com> - 1.4.0-1
8b9ea0
- upgrade to new upstream version (#192070), rebuild
8b9ea0
  of dependent packages required
8b9ea0
8b9ea0
* Tue May 16 2006 Tomas Mraz <tmraz@redhat.com> - 1.2.10-2
8b9ea0
- added missing buildrequires
8b9ea0
8b9ea0
* Mon Feb 13 2006 Tomas Mraz <tmraz@redhat.com> - 1.2.10-1
8b9ea0
- updated to new version (fixes CVE-2006-0645)
8b9ea0
8b9ea0
* Fri Feb 10 2006 Jesse Keating <jkeating@redhat.com> - 1.2.9-3.2
8b9ea0
- bump again for double-long bug on ppc(64)
8b9ea0
8b9ea0
* Tue Feb 07 2006 Jesse Keating <jkeating@redhat.com> - 1.2.9-3.1
8b9ea0
- rebuilt for new gcc4.1 snapshot and glibc changes
8b9ea0
8b9ea0
* Tue Jan  3 2006 Jesse Keating <jkeating@redhat.com> 1.2.9-3
8b9ea0
- rebuilt
8b9ea0
8b9ea0
* Fri Dec  9 2005 Tomas Mraz <tmraz@redhat.com> 1.2.9-2
8b9ea0
- replaced *-config scripts with calls to pkg-config to
8b9ea0
  solve multilib conflicts
8b9ea0
8b9ea0
* Wed Nov 23 2005 Tomas Mraz <tmraz@redhat.com> 1.2.9-1
8b9ea0
- upgrade to newest upstream
8b9ea0
- removed .la files (#172635)
8b9ea0
8b9ea0
* Sun Aug  7 2005 Tomas Mraz <tmraz@redhat.com> 1.2.6-1
8b9ea0
- upgrade to newest upstream (rebuild of dependencies necessary)
8b9ea0
8b9ea0
* Mon Jul  4 2005 Tomas Mraz <tmraz@redhat.com> 1.0.25-2
8b9ea0
- split the command line tools to utils subpackage
8b9ea0
8b9ea0
* Sat Apr 30 2005 Tomas Mraz <tmraz@redhat.com> 1.0.25-1
8b9ea0
- new upstream version fixes potential DOS attack
8b9ea0
8b9ea0
* Sat Apr 23 2005 Tomas Mraz <tmraz@redhat.com> 1.0.24-2
8b9ea0
- readd the version script dropped by upstream
8b9ea0
8b9ea0
* Fri Apr 22 2005 Tomas Mraz <tmraz@redhat.com> 1.0.24-1
8b9ea0
- update to the latest upstream version on the 1.0 branch
8b9ea0
8b9ea0
* Wed Mar  2 2005 Warren Togami <wtogami@redhat.com> 1.0.20-6
8b9ea0
- gcc4 rebuild
8b9ea0
8b9ea0
* Tue Jan  4 2005 Ivana Varekova <varekova@redhat.com> 1.0.20-5
8b9ea0
- add gnutls Requires zlib-devel (#144069)
8b9ea0
8b9ea0
* Mon Nov 08 2004 Colin Walters <walters@redhat.com> 1.0.20-4
8b9ea0
- Make gnutls-devel Require libgcrypt-devel
8b9ea0
8b9ea0
* Tue Sep 21 2004 Jeff Johnson <jbj@redhat.com> 1.0.20-3
8b9ea0
- rebuild with release++, otherwise unchanged.
8b9ea0
8b9ea0
* Tue Sep  7 2004 Jeff Johnson <jbj@redhat.com> 1.0.20-2
8b9ea0
- patent tainted SRP code removed.
8b9ea0
8b9ea0
* Sun Sep  5 2004 Jeff Johnson <jbj@redhat.com> 1.0.20-1
8b9ea0
- update to 1.0.20.
8b9ea0
- add --with-included-opencdk --with-included-libtasn1
8b9ea0
- add --with-included-libcfg --with-included-lzo
8b9ea0
- add --disable-srp-authentication.
8b9ea0
- do "make check" after build.
8b9ea0
8b9ea0
* Fri Mar 21 2003 Jeff Johnson <jbj@redhat.com> 0.9.2-1
8b9ea0
- upgrade to 0.9.2
8b9ea0
8b9ea0
* Tue Jun 25 2002 Jeff Johnson <jbj@redhat.com> 0.4.4-1
8b9ea0
- update to 0.4.4.
8b9ea0
8b9ea0
* Fri Jun 21 2002 Tim Powers <timp@redhat.com>
8b9ea0
- automated rebuild
8b9ea0
8b9ea0
* Sat May 25 2002 Jeff Johnson <jbj@redhat.com> 0.4.3-1
8b9ea0
- update to 0.4.3.
8b9ea0
8b9ea0
* Tue May 21 2002 Jeff Johnson <jbj@redhat.com> 0.4.2-1
8b9ea0
- update to 0.4.2.
8b9ea0
- change license to LGPL.
8b9ea0
- include splint annotations patch.
8b9ea0
8b9ea0
* Tue Apr  2 2002 Nalin Dahyabhai <nalin@redhat.com> 0.4.0-1
8b9ea0
- update to 0.4.0
8b9ea0
8b9ea0
* Thu Jan 17 2002 Nalin Dahyabhai <nalin@redhat.com> 0.3.2-1
8b9ea0
- update to 0.3.2
8b9ea0
8b9ea0
* Thu Jan 10 2002 Nalin Dahyabhai <nalin@redhat.com> 0.3.0-1
8b9ea0
- add a URL
8b9ea0
8b9ea0
* Thu Dec 20 2001 Nalin Dahyabhai <nalin@redhat.com>
8b9ea0
- initial package