[gnutls-devel] gnutls 3.1.17

Nikos Mavrogiannopoulos nmav at gnutls.org
Sat Nov 23 11:16:03 CET 2013


Hello,  I've just released gnutls 3.1.17. This release prioritizes the
GCM ciphersuites over CBC, enables TPM support and fixes few other bugs 
on the current stable branch.


* Version 3.1.17 (released 2013-11-23)

** libgnutls: Support for TPM via trousers is now enabled by default.

** libgnutls: GCM mode is prioritized over CBC in all of the default
priority strings.

** libgnutls: Added support for ISO OID for RSA-SHA1 signatures.

** libgnutls: When traversing PKCS #11 tokens looking for an object,
avoid looking in unrelated to the object tokens.

** libgnutls: Fixed bug in gnutls_x509_crt_set_dn() at DN parsing.

** libgnutls: gnutls_x509_crt_set_expiration_time() will set the no
well defined expiration date when (time_t)-1 is specified as date.

** libgnutls: Backported memory leak fix when a handshake is terminated
by an EOF.

** libgnutls: Forbid all compression methods in DTLS.

** gnutls-serv: Fixed issue with IPv6 address in UDP mode.

** certtool: When exporting an encrypted PEM private key do not output
the key parameters.

** certtool: Expiration days template option allows for a -1 value
which will set to the no well defined expiration date (RFC5280), and no
longer chokes on integer overflows. Suggested by Stefan Buehler.

** tools: The environment variable GNUTLS_PIN can be used to read any
PIN requested from tokens.

** tools: The installed version of libopts is used if the autogen tool
is present.

** API and ABI modifications: No changes since last version.


Getting the Software
====================

GnuTLS may be downloaded directly from
<ftp://ftp.gnutls.org/gcrypt/gnutls/>.  A list of GnuTLS mirrors can be
found at <http://www.gnutls.org/download.html>.

Here are the XZ and LZIP compressed sources:

  ftp://ftp.gnutls.org/gcrypt/gnutls/v3.1/gnutls-3.1.17.tar.xz
  ftp://ftp.gnutls.org/gcrypt/gnutls/v3.1/gnutls-3.1.17.tar.lz

Here are OpenPGP detached signatures signed using key 0x96865171:

  ftp://ftp.gnutls.org/gcrypt/gnutls/v3.1/gnutls-3.1.17.tar.xz.sig
  ftp://ftp.gnutls.org/gcrypt/gnutls/v3.1/gnutls-3.1.17.tar.lz.sig

Note that it has been signed with my openpgp key:
pub   3104R/96865171 2008-05-04 [expires: 2028-04-29]
uid                  Nikos Mavrogiannopoulos <nmav <at> gnutls.org>
uid                  Nikos Mavrogiannopoulos <n.mavrogiannopoulos <at>
gmail.com>
sub   2048R/9013B842 2008-05-04 [expires: 2018-05-02]
sub   2048R/1404A91D 2008-05-04 [expires: 2018-05-02]

regards,
Nikos





More information about the Gnutls-devel mailing list