0a4345d978
- libgnutls: Fixed double free during verification of pkcs7 signatures. Reported by Jaak Ristioja (#1383). [GNUTLS-SA-2022-07-07, CVSS: medium] [CVE-2022-2509] - libgnutls: gnutls_hkdf_expand now only accepts LENGTH argument less than or equal to 255 times hash digest size, to comply with RFC 5869 2.3. - libgnutls: Length limit for TLS PSK usernames has been increased from 128 to 65535 characters (#1323). - libgnutls: AES-GCM encryption function now limits plaintext length to 2^39-256 bits, according to SP800-38D 5.2.1.1. - libgnutls: New block cipher functions have been added to transparently handle padding. gnutls_cipher_encrypt3 and gnutls_cipher_decrypt3 can be used in combination of GNUTLS_CIPHER_PADDING_PKCS7 flag to automatically add/remove padding if the length of the original plaintext is not a multiple of the block size. - libgnutls: New function for manual FIPS self-testing. API and ABI modifications: - gnutls_fips140_run_self_tests: New function - gnutls_cipher_encrypt3: New function - gnutls_cipher_decrypt3: New function - gnutls_cipher_padding_flags_t: New enum Signed-off-by: Nick Hainke <vincent@systemli.org> |
||
|---|---|---|
| .. | ||
| patches | ||
| Config.in | ||
| Makefile | ||