Fedora 14 Update: perl-IO-Socket-SSL-1.38-1.fc14

Fri Jan 28 19:17:17 UTC 2011

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2011-0612
2011-01-20 19:26:17
--------------------------------------------------------------------------------

Name        : perl-IO-Socket-SSL
Product     : Fedora 14
Version     : 1.38
Release     : 1.fc14
URL         : http://search.cpan.org/dist/IO-Socket-SSL/
Summary     : Perl library for transparent SSL
Description :
This module is a true drop-in replacement for IO::Socket::INET that
uses SSL to encrypt data before it is transferred to a remote server
or client. IO::Socket::SSL supports all the extra features that one
needs to write a full-featured SSL client or server application:
multiple SSL contexts, cipher selection, certificate verification, and
SSL version selection. As an extra bonus, it works perfectly with
mod_perl.

--------------------------------------------------------------------------------
Update Information:

This update, to the current upstream release, fixes CPAN RT#64864, where the wildcards_in_cn setting for the HTTP protocol was wrongly set in the previous version to "1" instead of "anywhere".

--------------------------------------------------------------------------------
ChangeLog:

* Tue Jan 18 2011 Paul Howarth <paul at city-fan.org> - 1.38-1
- Update to 1.38
  - fixed wildcards_in_cn setting for http, wrongly set in 1.34 to 1 instead of
    anywhere (CPAN RT#64864)
* Fri Dec 10 2010 Paul Howarth <paul at city-fan.org> - 1.37-1
- Update to 1.37
  - don't complain about invalid certificate locations if user explicitly set
    SSL_ca_path and SSL_ca_file to undef: assume that user knows what they are
    doing and will work around the problems themselves (CPAN RT#63741)
* Thu Dec  9 2010 Paul Howarth <paul at city-fan.org> - 1.36-1
- Update to 1.36
  - update documentation for SSL_verify_callback based on CPAN RT#63743 and
    CPAN RT#63740
* Mon Dec  6 2010 Paul Howarth <paul at city-fan.org> - 1.35-1
- Update to 1.35 (addresses CVE-2010-4334)
  - if verify_mode is not VERIFY_NONE and the ca_file/ca_path cannot be
    verified as valid, it will no longer fall back to VERIFY_NONE but throw an
    error (http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606058)
* Tue Nov  2 2010 Paul Howarth <paul at city-fan.org> - 1.34-1
- Update to 1.34
  - schema http for certificate verification changed to wildcards_in_cn=1
  - if upgrading socket from inet to ssl fails due to handshake problems, the
    socket gets downgraded back again but is still open (CPAN RT#61466)
  - deprecate kill_socket: just use close()
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update perl-IO-Socket-SSL' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------