[gnutls-devel] gnutls 3.4.11

Nikos Mavrogiannopoulos nmav at gnutls.org
Mon Apr 11 09:21:44 CEST 2016

 I've just released gnutls 3.4.11. This is a bug fix release of the
current stable branch.

* Version 3.4.11 (released 2016-04-11)

** libgnutls: Fixes in gnutls_record_get/set_state() with DTLS. 
   Reported by Fridolin Pokorny.

** libgnutls: Fixes in DSA key generation under PKCS #11. Report and
   patches by Jan Vcelak.

** libgnutls: Corrected behavior of ALPN extension parsing during
   session resumption. Report and patches by Yuriy M. Kaminskiy.

** libgnutls: Corrected regression (since 3.4.0) in 
   gnutls_server_name_set() which caused it not to accept non-null-
   terminated hostnames. Reported by Tim Ruehsen.

** libgnutls: Corrected printing of the IP Adress name constraints.

** ocsptool: use HTTP/1.0 for requests. This avoids issue with servers
   serving chunk encoding which ocsptool doesn't support. Reported by
   Thomas Klute.

** certtool: do not require a CA for OCSP signing tag. This follows the
   recommendations in RFC6960 in which allow a CA to delegate
   OCSP signing to another certificate without requiring it to be a CA.
   Reported by Thomas Klute.

** API and ABI modifications:
No changes since last version.

Getting the Software

GnuTLS may be downloaded directly from
<ftp://ftp.gnutls.org/gcrypt/gnutls/>.  A list of GnuTLS mirrors can be
found at <http://www.gnutls.org/download.html>.

Here are the XZ compressed sources:


Here are OpenPGP detached signatures signed using key 0x96865171:


Note that it has been signed with my openpgp key:
pub   3104R/96865171 2008-05-04 [expires: 2028-04-29]
uid                  Nikos Mavrogiannopoulos <nmav <at> gnutls.org>
uid                  Nikos Mavrogiannopoulos <n.mavrogiannopoulos <at>
sub   2048R/9013B842 2008-05-04 [expires: 2018-05-02]
sub   2048R/1404A91D 2008-05-04 [expires: 2018-05-02]


More information about the Gnutls-devel mailing list