[gnutls-devel] gnutls 3.5.2
nmav at gnutls.org
Wed Jul 6 09:21:43 CEST 2016
I've just released gnutls 3.5.2. This is a bugfix release for
the 3.5.x branch, which also addresses a vulnerability on systems
which utilize gnutls with the p11-kit trust module.
* Version 3.5.2 (released 2016-06-06)
** libgnutls: Address issue when utilizing the p11-kit trust store
for certificate verification (GNUTLS-SA-2016-2).
** libgnutls: Fixed DTLS handshake packet reconstruction. Reported by
** libgnutls: Fixed issues with PKCS#11 reading of sensitive objects
from SafeNet Network HSM. Reported by Anthony Alba in #108.
** libgnutls: Corrected the writing of PKCS#11 CKA_SERIAL_NUMBER.
Report and fix by Stanislav Židek.
** libgnutls: Added AES-GCM optimizations using the AVX and MOVBE
instructions. Uses Andy Polyakov's assembly code.
** API and ABI modifications:
No changes since last version.
Getting the Software
GnuTLS may be downloaded directly from
<ftp://ftp.gnutls.org/gcrypt/gnutls/>. A list of GnuTLS mirrors can be
found at <http://www.gnutls.org/download.html>.
Here are the XZ compressed sources:
Here are OpenPGP detached signatures signed using key 0x96865171:
Note that it has been signed with my openpgp key:
pub 3104R/96865171 2008-05-04 [expires: 2028-04-29]
uid Nikos Mavrogiannopoulos <nmav <at> gnutls.org>
uid Nikos Mavrogiannopoulos <n.mavrogiannopoulos <at>
sub 2048R/9013B842 2008-05-04 [expires: 2018-05-02]
sub 2048R/1404A91D 2008-05-04 [expires: 2018-05-02]
More information about the Gnutls-devel