net-libs/gnutls-2.7.4 was released on 2009-01-07. It should be package.masked due to Bug #253709. ** gnutls: deprecate X.509 validation chains using MD5 and MD2 signatures. This is a bugfix -- the previous attempt to do this from internal x509 certificate verification procedures did not return the correct value for certificates using a weak hash. Reported by Daniel Kahn Gillmor <dkg@fifthhorseman.net> in <http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3332>, debugged and patch by Tomas Mraz <tmraz@redhat.com> and Daniel Kahn Gillmor <dkg@fifthhorseman.net>. ** gnutls: New interface to get key id for certificate requests. Patch from David Marín Carreño <davefx@gmail.com> in <http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3321>. ** gnutls: gnutls_x509_crq_print will now also print public key id. ** certtool: --verify-chain now prints results of using library verification. Earlier, certtool --verify-chain used its own validation algorithm which wasn't guaranteed to give the same result as the libgnutls internal validation algorithm. Now this command print a new final line with header 'Chain verification output:' that contains the result From using the internal verification algorithm on the same chain. ** tests: Add crq_key_id self-test of gnutls_x509_crq_get_key_id. ** API and ABI modifications: gnutls_x509_crq_get_key_id: ADDED.
added masked. This still has a problem with USE=-cxx. it wasn't just a simple port port from 2.6.0. upstream bug http://savannah.gnu.org/support/?106542 if you get a patch before me.
