Received: by mail.netbsd.org (Postfix, from userid 605) id 3407184DC8; Mon, 16 Sep 2019 00:28:50 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by mail.netbsd.org (Postfix) with ESMTP id AD38B84DC7 for ; Mon, 16 Sep 2019 00:28:49 +0000 (UTC) X-Virus-Scanned: amavisd-new at netbsd.org Received: from mail.netbsd.org ([IPv6:::1]) by localhost (mail.netbsd.org [IPv6:::1]) (amavisd-new, port 10025) with ESMTP id wbD9px-oYNoE for ; Mon, 16 Sep 2019 00:28:49 +0000 (UTC) Received: from cvs.NetBSD.org (ivanova.netbsd.org [199.233.217.197]) by mail.netbsd.org (Postfix) with ESMTP id E821C84C6C for ; Mon, 16 Sep 2019 00:28:48 +0000 (UTC) Received: by cvs.NetBSD.org (Postfix, from userid 500) id DD12CFBF4; Mon, 16 Sep 2019 00:28:48 +0000 (UTC) Content-Transfer-Encoding: 7bit Content-Type: multipart/mixed; boundary="_----------=_1568593728291220" MIME-Version: 1.0 Date: Mon, 16 Sep 2019 00:28:48 +0000 From: "Nia Alarie" Subject: CVS commit: pkgsrc/security/gnutls To: pkgsrc-changes@NetBSD.org Reply-To: nia@netbsd.org X-Mailer: log_accum Message-Id: <20190916002848.DD12CFBF4@cvs.NetBSD.org> Sender: pkgsrc-changes-owner@NetBSD.org List-Id: pkgsrc-changes.NetBSD.org Precedence: bulk List-Unsubscribe: This is a multi-part message in MIME format. --_----------=_1568593728291220 Content-Disposition: inline Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset="US-ASCII" Module Name: pkgsrc Committed By: nia Date: Mon Sep 16 00:28:48 UTC 2019 Modified Files: pkgsrc/security/gnutls: Makefile PLIST distinfo Log Message: gnutls: Update to 3.6.9 * Version 3.6.9 (released 2019-07-25) ** libgnutls: add gnutls_hash_copy/gnutls_hmac_copy functions that will create a copy of digest or MAC context. Copying contexts for externally-registered digest and MAC contexts is unupported (#787). ** Marked the crypto implementation override APIs as deprecated. These APIs are rarely used, are for a niche use case, but have significant side effects, such as preventing any internal re-organization and extension of the internal cipher API. The APIs remain functional though a compiler warning will be issued, and a future minor version update may transform them to a no-op while keeping ABI compatibility (#789). ** libgnutls: Added support for AES-GMAC, as a separate to GCM, MAC algorithm (#781). ** libgnutls: gnutls_privkey_sign_hash2 now accepts the GNUTLS_PRIVKEY_SIGN_FLAG_TLS1_RSA flag as documented. This makes it a complete replacement of gnutls_privkey_sign_hash(). ** libgnutls: Added support for Generalname registeredID. ** The priority configuration was enhanced to allow more elaborate system-wide configuration of the library (#587). The following changes were included: - The file is read as an ini file with '#' indicating a comment. - The section "[priorities]" or global follows the existing semantics of the configuration file, and allows to specify system-wide priority strings which are accessed with the '@' prefix. - The section "[overrides]" is added with the parameters "insecure-hash", "insecure-sig", "insecure-sig-for-cert", "disabled-curve", "disabled-version", "min-verification-profile", "tls-disabled-cipher", "tls-disabled-mac", "tls-disabled-group", "tls-disabled-kx", which prohibit specific algorithms or options globally. Existing algorithms in the library can be marked as disabled and insecure, but no hard-coded insecure algorithm can be marked as secure (so that the configuration cannot be abused to make the system vulnerable). - Unknown sections or options are skipped with a debug message, unless the GNUTLS_SYSTEM_PRIORITY_FAIL_ON_INVALID environment parameter is set to 1. ** libgnutls: Added new flag for GNUTLS_CPUID_OVERRIDE - 0x20: Enable SHA_NI instruction set ** API and ABI modifications: gnutls_crypto_register_cipher: Deprecated gnutls_crypto_register_aead_cipher: Deprecated gnutls_crypto_register_digest: Deprecated gnutls_crypto_register_mac: Deprecated gnutls_get_system_config_file: Added gnutls_hash_copy: Added gnutls_hmac_copy: Added GNUTLS_MAC_AES_GMAC_128: Added GNUTLS_MAC_AES_GMAC_192: Added GNUTLS_MAC_AES_CMAC_256: Added GNUTLS_SAN_REGISTERED_ID: Added To generate a diff of this commit: cvs rdiff -u -r1.198 -r1.199 pkgsrc/security/gnutls/Makefile cvs rdiff -u -r1.64 -r1.65 pkgsrc/security/gnutls/PLIST cvs rdiff -u -r1.136 -r1.137 pkgsrc/security/gnutls/distinfo Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. --_----------=_1568593728291220 Content-Disposition: inline Content-Length: 3442 Content-Transfer-Encoding: binary Content-Type: text/x-diff; charset=us-ascii Modified files: Index: pkgsrc/security/gnutls/Makefile diff -u pkgsrc/security/gnutls/Makefile:1.198 pkgsrc/security/gnutls/Makefile:1.199 --- pkgsrc/security/gnutls/Makefile:1.198 Sun Aug 11 13:22:46 2019 +++ pkgsrc/security/gnutls/Makefile Mon Sep 16 00:28:48 2019 @@ -1,13 +1,12 @@ -# $NetBSD: Makefile,v 1.198 2019/08/11 13:22:46 wiz Exp $ +# $NetBSD: Makefile,v 1.199 2019/09/16 00:28:48 nia Exp $ -DISTNAME= gnutls-3.6.8 -PKGREVISION= 2 +DISTNAME= gnutls-3.6.9 CATEGORIES= security devel -MASTER_SITES= ftp://ftp.gnutls.org/gcrypt/gnutls/v3.6/ +MASTER_SITES= https://www.gnupg.org/ftp/gcrypt/gnutls/v3.6/ EXTRACT_SUFX= .tar.xz MAINTAINER= pkgsrc-users@NetBSD.org -HOMEPAGE= http://www.gnutls.org/ +HOMEPAGE= https://www.gnutls.org/ COMMENT= GNU Transport Layer Security library LICENSE= gnu-gpl-v3 AND gnu-lgpl-v2.1 Index: pkgsrc/security/gnutls/PLIST diff -u pkgsrc/security/gnutls/PLIST:1.64 pkgsrc/security/gnutls/PLIST:1.65 --- pkgsrc/security/gnutls/PLIST:1.64 Thu Jul 11 14:53:36 2019 +++ pkgsrc/security/gnutls/PLIST Mon Sep 16 00:28:48 2019 @@ -1,4 +1,4 @@ -@comment $NetBSD: PLIST,v 1.64 2019/07/11 14:53:36 sevan Exp $ +@comment $NetBSD: PLIST,v 1.65 2019/09/16 00:28:48 nia Exp $ bin/certtool bin/gnutls-cli bin/gnutls-cli-debug @@ -263,6 +263,7 @@ man/man3/gnutls_ext_set_data.3 man/man3/gnutls_fingerprint.3 man/man3/gnutls_fips140_mode_enabled.3 man/man3/gnutls_fips140_set_mode.3 +man/man3/gnutls_get_system_config_file.3 man/man3/gnutls_global_deinit.3 man/man3/gnutls_global_init.3 man/man3/gnutls_global_set_audit_log_function.3 @@ -288,6 +289,7 @@ man/man3/gnutls_handshake_set_private_ex man/man3/gnutls_handshake_set_random.3 man/man3/gnutls_handshake_set_timeout.3 man/man3/gnutls_hash.3 +man/man3/gnutls_hash_copy.3 man/man3/gnutls_hash_deinit.3 man/man3/gnutls_hash_fast.3 man/man3/gnutls_hash_get_len.3 @@ -305,6 +307,7 @@ man/man3/gnutls_hex_decode2.3 man/man3/gnutls_hex_encode.3 man/man3/gnutls_hex_encode2.3 man/man3/gnutls_hmac.3 +man/man3/gnutls_hmac_copy.3 man/man3/gnutls_hmac_deinit.3 man/man3/gnutls_hmac_fast.3 man/man3/gnutls_hmac_get_len.3 Index: pkgsrc/security/gnutls/distinfo diff -u pkgsrc/security/gnutls/distinfo:1.136 pkgsrc/security/gnutls/distinfo:1.137 --- pkgsrc/security/gnutls/distinfo:1.136 Thu Aug 15 15:46:15 2019 +++ pkgsrc/security/gnutls/distinfo Mon Sep 16 00:28:48 2019 @@ -1,9 +1,9 @@ -$NetBSD: distinfo,v 1.136 2019/08/15 15:46:15 sevan Exp $ +$NetBSD: distinfo,v 1.137 2019/09/16 00:28:48 nia Exp $ -SHA1 (gnutls-3.6.8.tar.xz) = e1243188791af409bca118d31faf3ec3d5f0a5ab -RMD160 (gnutls-3.6.8.tar.xz) = a834679524f95a38a8a1ea77394906db637d33fe -SHA512 (gnutls-3.6.8.tar.xz) = 71f0899de0ffb2a39b25928042114e2bbfde7fbf2029d9f91f60bf60794916d13f544fc97337e4e3282e7faa17e79a8012b0e08f98805bee543c0ba4e5d5a905 -Size (gnutls-3.6.8.tar.xz) = 5712580 bytes +SHA1 (gnutls-3.6.9.tar.xz) = 4a12757b129562ae92a01ca890ed282050595296 +RMD160 (gnutls-3.6.9.tar.xz) = 2771adabb5342b24fbebcb69b324924ee2b56513 +SHA512 (gnutls-3.6.9.tar.xz) = a9fd0f4edae4c081d5c539ba2e5574a4d7294bc00c5c73ea25ce26cb7fd126299c2842a282d45ef5cf0544108f27066e587df28776bc7915143d190d7d5b9d07 +Size (gnutls-3.6.9.tar.xz) = 5773928 bytes SHA1 (patch-lib_Makefile.in) = c9a6bbe6238ccd9de41c708012e36b202d2a86e7 SHA1 (patch-lib_accelerated_x86_x86-common.c) = eaf3c473b1ca83c5b15be26f8c06a82d7961420c SHA1 (patch-lib_system_certs.c) = fba74b2834a36d66bddcd7d3405d0c91c1b14efc --_----------=_1568593728291220--