---
- branch: MAIN
  date: Fri Aug 14 11:48:55 UTC 2015
  files:
  - new: '1.156'
    old: '1.155'
    path: pkgsrc/security/gnutls/Makefile
    pathrev: pkgsrc/security/gnutls/Makefile@1.156
    type: modified
  - new: '1.116'
    old: '1.115'
    path: pkgsrc/security/gnutls/distinfo
    pathrev: pkgsrc/security/gnutls/distinfo@1.116
    type: modified
  - new: '1.5'
    old: '1.4'
    path: pkgsrc/security/gnutls/patches/patch-tests_Makefile.in
    pathrev: pkgsrc/security/gnutls/patches/patch-tests_Makefile.in@1.5
    type: modified
  id: 20150814T114855Z.43fb45ef8b109f818be892954e751e466b45a74d
  log: |
    Update to 3.17.1:

    * Version 3.3.17 (released 2015-08-10)

    ** libgnutls: Fix issue with server side sending the status request
       extension even when not requested. Reported by Jeremy Harris.

    ** libgnutls: gnutls_pkcs11_privkey_generate2() will store the generated
       public key, unless the GNUTLS_PKCS11_OBJ_FLAG_NO_STORE_PUBKEY flag is
       specified.

    ** libgnutls: fixed double free in DN decoding [GNUTLS-SA-2015-3].

    ** API and ABI modifications:
       No changes since last version.

    * Version 3.3.16 (released 2015-07-12)

    ** libgnutls: Allow compilation with nettle 3.0 or later

    ** libgnutls: corrected failure when importing plain files
       with gnutls_x509_privkey_import2(), and a password was provided.

    ** libgnutls: Don't reject certificates if a CA has the URI or IP address
       name constraints, and the end certificate doesn't have an IP address
       name or a URI set.

    ** libgnutls: set and read the hint in DHE-PSK and ECDHE-PSK ciphersuites.

    ** API and ABI modifications:
       No changes since last version.
  module: pkgsrc
  subject: 'CVS commit: pkgsrc/security/gnutls'
  unixtime: '1439552935'
  user: wiz