[gnutls-devel] gnutls 3.3.2

Nikos Mavrogiannopoulos nmav at gnutls.org
Tue May 6 21:41:07 CEST 2014

 I've just released gnutls 3.3.2. This is a bugfix release on the next stable branch.

* Version 3.3.2 (released 2014-05-06)

** libgnutls: Added the 'very weak' certificate verification profile
that corresponds to 64-bit security level.

** libgnutls: Corrected file descriptor leak on random generator

** libgnutls: Corrected file descriptor leak on PSK password file
reading. Issue identified using the Codenomicon TLS test suite.

** libgnutls: Avoid deinitialization if initialization has failed.

** libgnutls: null-terminate othername alternative names.

** libgnutls: gnutls_x509_trust_list_get_issuer() will operate correctly
on a PKCS #11 trust list.

** libgnutls: Several small bug fixes identified using valgrind and
the Codenomicon TLS test suite.

** libgnutls-dane: Accept a certificate using DANE if there is at least one
entry that matches the certificate. Patch by simon [at] arlott.org.

** libgnutls-guile: Fixed compilation issue.

** certtool: Allow exporting a CRL on DER format.

** certtool: The ECDSA keys generated by default use the SECP256R1 curve
which is supported more widely than the previously used SECP224R1.

** API and ABI modifications:

Getting the Software

GnuTLS may be downloaded directly from
<ftp://ftp.gnutls.org/gcrypt/gnutls/>.  A list of GnuTLS mirrors can be
found at <http://www.gnutls.org/download.html>.

Here are the XZ and LZIP compressed sources:


Here are OpenPGP detached signatures signed using key 0x96865171:


Note that it has been signed with my openpgp key:
pub   3104R/96865171 2008-05-04 [expires: 2028-04-29]
uid                  Nikos Mavrogiannopoulos <nmav <at> gnutls.org>
uid                  Nikos Mavrogiannopoulos <n.mavrogiannopoulos <at>
sub   2048R/9013B842 2008-05-04 [expires: 2018-05-02]
sub   2048R/1404A91D 2008-05-04 [expires: 2018-05-02]


More information about the Gnutls-devel mailing list