[gnutls-devel] gnutls 3.3.29

Nikos Mavrogiannopoulos nmav at gnutls.org
Fri Feb 16 08:37:26 CET 2018

 I've just released gnutls 3.3.29. This is a bug-fix release on
the previous stable branch.

* Version 3.3.29 (released 2018-02-16)

** libgnutls: Fixed issue which caused 1-byte handshake fragments to be refused.
   Reported by Balázs Kéri.

** libgnutls: Fixed interoperability issue with openssl when safe renegotiation was
   used. Resolves gitlab issue #259.

** libgnutls: Use readdir() instead of readdir_r internally. The latter
   is deprecated and on our use we don't need readdir() to be thread safe
   (which it is in most common platforms).

** libgnutls: require strict DER encoding for certificates, OCSP requests, private
   keys, CRLs and certificate requests.  This backports the already default behavior
   from the 3.5.x branch, in order to reduce issues due to the complexity of BER rules.

** libgnutls: Addressed issue in the AES-CBC acceleration under ssse3 (patch by
   Vitezslav Cizek).

** libgnutls: Addressed issue in the accelerated code which may affect interoperability
   with versions of nettle > 3.4.

** p11tool: Fixed issue preventing the deletion of objects in batch mode.

** p11tool: Mark all generated objects as sensitive by default.

** API and ABI modifications:
No changes since last version.

Getting the Software

GnuTLS may be downloaded directly from
<ftp://ftp.gnutls.org/gcrypt/gnutls/>.  A list of GnuTLS mirrors can be
found at <http://www.gnutls.org/download.html>.

Here are the XZ compressed sources:


Here are OpenPGP detached signatures signed using key 0x96865171:


Note that it has been signed with my openpgp key:
pub   3104R/96865171 2008-05-04 [expires: 2028-04-29]
uid                  Nikos Mavrogiannopoulos <nmav <at> gnutls.org>
uid                  Nikos Mavrogiannopoulos <n.mavrogiannopoulos <at>
sub   2048R/9013B842 2008-05-04 [expires: 2018-05-02]
sub   2048R/1404A91D 2008-05-04 [expires: 2018-05-02]


More information about the Gnutls-devel mailing list