[gnutls-devel] gnutls 3.5.13
nmav at gnutls.org
Wed Jun 7 07:47:48 CEST 2017
I've just released gnutls 3.5.13. This is a bug fix release on the
* Version 3.5.13 (released 2017-06-07)
** libgnutls: fixed issue with AES-GCM in-place encryption and decryption in
aarch64. Resolves gitlab issue #204.
** libgnutls: no longer parse the ResponseID field of the status response
TLS extension. The field is not used by GnuTLS nor is made available to
calling applications. That addresses a null pointer dereference on server
side caused by packets containing the ResponseID field. Reported
by Hubert Kario. [GNUTLS-SA-2017-4]
** libgnutls: tolerate certificates which do not have strict DER time encoding.
It is possible using 3rd party tools to generate certificates with time fields
that do not conform to DER requirements. Since 3.4.x these certificates were rejected
and cannot be used with GnuTLS, however that caused problems with existing private
certificate infrastructures, which were relying on such certificates (see gitlab
issue #196). Tolerate reading and using these certificates.
** minitasn1: updated to libtasn1 4.11.
** certtool: allow multiple certificates to be used in --p7-sign with
the --load-certificate option. Patch by Karl Tarbe.
** API and ABI modifications:
No changes since last version.
Getting the Software
GnuTLS may be downloaded directly from
<ftp://ftp.gnutls.org/gcrypt/gnutls/>. A list of GnuTLS mirrors can be
found at <http://www.gnutls.org/download.html>.
Here are the XZ compressed sources:
Here are OpenPGP detached signatures signed using key 0x96865171:
Note that it has been signed with my openpgp key:
pub 3104R/96865171 2008-05-04 [expires: 2028-04-29]
uid Nikos Mavrogiannopoulos <nmav <at> gnutls.org>
uid Nikos Mavrogiannopoulos <n.mavrogiannopoulos <at>
sub 2048R/9013B842 2008-05-04 [expires: 2018-05-02]
sub 2048R/1404A91D 2008-05-04 [expires: 2018-05-02]
More information about the Gnutls-devel