Fedora 13 Update: perl-IO-Socket-SSL-1.38-1.fc13
updates at fedoraproject.org
updates at fedoraproject.org
Fri Jan 28 19:17:28 UTC 2011
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2011-0614
2011-01-20 19:26:20
--------------------------------------------------------------------------------
Name : perl-IO-Socket-SSL
Product : Fedora 13
Version : 1.38
Release : 1.fc13
URL : http://search.cpan.org/dist/IO-Socket-SSL/
Summary : Perl library for transparent SSL
Description :
This module is a true drop-in replacement for IO::Socket::INET that
uses SSL to encrypt data before it is transferred to a remote server
or client. IO::Socket::SSL supports all the extra features that one
needs to write a full-featured SSL client or server application:
multiple SSL contexts, cipher selection, certificate verification, and
SSL version selection. As an extra bonus, it works perfectly with
mod_perl.
--------------------------------------------------------------------------------
Update Information:
This update, to the current upstream release, fixes CPAN RT#64864, where the wildcards_in_cn setting for the HTTP protocol was wrongly set in the previous version to "1" instead of "anywhere".
--------------------------------------------------------------------------------
ChangeLog:
* Tue Jan 18 2011 Paul Howarth <paul at city-fan.org> - 1.38-1
- Update to 1.38
- fixed wildcards_in_cn setting for http, wrongly set in 1.34 to 1 instead of
anywhere (CPAN RT#64864)
* Fri Dec 10 2010 Paul Howarth <paul at city-fan.org> - 1.37-1
- Update to 1.37
- don't complain about invalid certificate locations if user explicitly set
SSL_ca_path and SSL_ca_file to undef: assume that user knows what they are
doing and will work around the problems themselves (CPAN RT#63741)
* Thu Dec 9 2010 Paul Howarth <paul at city-fan.org> - 1.36-1
- Update to 1.36
- update documentation for SSL_verify_callback based on CPAN RT#63743 and
CPAN RT#63740
* Mon Dec 6 2010 Paul Howarth <paul at city-fan.org> - 1.35-1
- Update to 1.35 (addresses CVE-2010-4334)
- if verify_mode is not VERIFY_NONE and the ca_file/ca_path cannot be
verified as valid, it will no longer fall back to VERIFY_NONE but throw an
error (http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=606058)
* Tue Nov 2 2010 Paul Howarth <paul at city-fan.org> - 1.34-1
- Update to 1.34
- schema http for certificate verification changed to wildcards_in_cn=1
- if upgrading socket from inet to ssl fails due to handshake problems, the
socket gets downgraded back again but is still open (CPAN RT#61466)
- deprecate kill_socket: just use close()
* Sun May 2 2010 Marcela Maslanova <mmaslano at redhat.com> - 1.33-2
- Mass rebuild with perl-5.12.0
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update perl-IO-Socket-SSL' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
More information about the package-announce
mailing list