[gnutls-devel] gnutls 3.3.14

Nikos Mavrogiannopoulos nmav at gnutls.org
Mon Mar 30 07:34:01 CEST 2015


Hello, 
 I've just released gnutls 3.3.14. This is a bug-fix release on
the current stable branch.


* Version 3.3.14 (released 2015-03-30)

** libgnutls: When retrieving OCTET STRINGS from PKCS #12 ContentInfo
structures use BER to decode them (requires libtasn1 4.3). That allows
to decode some more complex structures.

** libgnutls: When an end-certificate with no name is present and there
are CA name constraints, don't reject the certificate. This follows RFC5280
advice closely. Reported by Fotis Loukos.

** libgnutls: Fixed handling of supplemental data with types > 255.
Patch by Thierry Quemerais.

** libgnutls: Fixed double free in the parsing of CRL distribution points certificate
extension. Reported by Robert Święcki.

** libgnutls: Fixed a two-byte stack overflow in DTLS 0.9 protocol. That
protocol is not enabled by default (used by openconnect VPN).

** libgnutls: The maximum user data send size is set to be the same for
block and non-block ciphersuites. This addresses a regression with wine:
https://bugs.winehq.org/show_bug.cgi?id=37500

** libgnutls: When generating PKCS #11 keys, set CKA_ID, CKA_SIGN,
and CKA_DECRYPT when needed.

** libgnutls: Allow names with zero size to be set using
gnutls_server_name_set(). That will disable the Server Name Indication.
Resolves issue with wine: https://gitlab.com/gnutls/gnutls/issues/2

** API and ABI modifications:
No changes since last version.


Getting the Software
====================

GnuTLS may be downloaded directly from
<ftp://ftp.gnutls.org/gcrypt/gnutls/>.  A list of GnuTLS mirrors can be
found at <http://www.gnutls.org/download.html>.

Here are the XZ and LZIP compressed sources:

  ftp://ftp.gnutls.org/gcrypt/gnutls/v3.3/gnutls-3.3.14.tar.xz
  ftp://ftp.gnutls.org/gcrypt/gnutls/v3.3/gnutls-3.3.14.tar.lz

Here are OpenPGP detached signatures signed using key 0x96865171:

  ftp://ftp.gnutls.org/gcrypt/gnutls/v3.3/gnutls-3.3.14.tar.xz.sig
  ftp://ftp.gnutls.org/gcrypt/gnutls/v3.3/gnutls-3.3.14.tar.lz.sig

Note that it has been signed with my openpgp key:
pub   3104R/96865171 2008-05-04 [expires: 2028-04-29]
uid                  Nikos Mavrogiannopoulos <nmav <at> gnutls.org>
uid                  Nikos Mavrogiannopoulos <n.mavrogiannopoulos <at>
gmail.com>
sub   2048R/9013B842 2008-05-04 [expires: 2018-05-02]
sub   2048R/1404A91D 2008-05-04 [expires: 2018-05-02]

regards,
Nikos





More information about the Gnutls-devel mailing list