GNU Transport Layer Security Library 3.8.3
2024-1-16 21:55:25 Author: packetstormsecurity.com(查看原文) 阅读量:15 收藏

GNU Transport Layer Security Library 3.8.3
Posted Jan 16, 2024
Authored by Simon Josefsson, Nikos Mavrogiannopoulos | Site gnu.org

GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability.

Changes: libgnutls had multiple security fixes. They fixed more timing side-channel issues inside RSA-PSK key exchange. They fixed an assertion failure when verifying a certificate chain with a cycle of cross signatures. Fixed a regression in handling Ed25519 keys stored in PKCS#11 token certtool that was unable to handle Ed25519 keys generated on PKCS#11 with pkcs11-tool (OpenSC). This is a regression introduced in 3.8.2.
tags | protocol, library
advisories | CVE-2024-0553, CVE-2024-0567
SHA-256 | f74fc5954b27d4ec6dfbb11dea987888b5b124289a3703afcada0ee520f4173e
Download | Favorite | View

文章来源: https://packetstormsecurity.com/files/176567/gnutls-3.8.3.tar.xz
如有侵权请联系:admin#unsafe.sh