Crypt::PKCS10 parses PKCS #10 requests and provides accessor methods to
extract the requested data. First, the request will be parsed using the
included ASN.1 definition. Common object identifiers will be translated to
their corresponding names. Additionally, accessor methods allow to extract
single data fields. Bit Strings like signatures will be printed in their
hexadecimal representation.
From henning@; ok sthen@ afresh1@
The Crypt::LE module provides the functionality necessary to use Let's
Encrypt API and generate free SSL certificates for your domains. It can
also be used to generate private RSA and ECC keys or Certificate Signing
Requests without resorting to openssl command line. Crypt::LE is shipped
with a self-sufficient client for obtaining SSL certificates, le.pl.
Both ACME v1 and ACME v2 protocols and wildcard certificate issuance are
supported.
From henning@; ok sthen@ afresh1@
* The cvtsudoers command will now reject non-LDIF input when converting
from LDIF format to sudoers or JSON formats.
* The new log_allowed and log_denied sudoers settings make it possible
to disable logging and auditing of allowed and/or denied commands.
* The umask is now handled differently on systems with PAM or login.conf.
If the umask is explicitly set in sudoers, that value is used regardless
of what PAM or login.conf may specify. However, if the umask is not
explicitly set in sudoers, PAM or login.conf may now override the default
sudoers umask. Bug #900.
* For "make install", the sudoers file is no longer checked for syntax
errors when DESTDIR is set. The default sudoers file includes the
contents of /etc/sudoers.d which may not be readable as non-root.
Bug #902.
* Sudo now sets most resource limits to their maximum value to avoid
problems caused by insufficient resources, such as an inability to
allocate memory or open files and pipes.
* Fixed a regression introduced in sudo 1.8.28 where sudo would refuse
to run if the parent process was not associated with a session.
This was due to sudo passing a session ID of -1 to the plugin.
Mbed TLS 2.16.3 is a maintenance release of the Mbed TLS 2.16 branch,
and provides bug fixes and minor enhancements. Overview of changes can
be found at
https://github.com/ARMmbed/mbedtls/releases/tag/mbedtls-2.16.3.
Minor of mbedcrypto has been bumped as symbols have been added.
OK sthen@
vex is amd64-only and there is no point in attempting to build packages
only to have them fail when the RDEP on vex cannot be resolved (e.g. on
i386 as reported by sthen).
prompted by sthen@
ok kn@
