From gnutls-devel at lists.gnutls.org Mon Jan 5 17:05:10 2026 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 05 Jan 2026 16:05:10 +0000 Subject: [gnutls-devel] GnuTLS | pkcs11: properly fall back to thread-unsafe module init (!2049) In-Reply-To: References: Message-ID: Zolt?n Fridrich commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/2049#note_2984249591 Changes look good. Approved. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/2049#note_2984249591 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jan 5 17:05:12 2026 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 05 Jan 2026 16:05:12 +0000 Subject: [gnutls-devel] GnuTLS | pkcs11: properly fall back to thread-unsafe module init (!2049) In-Reply-To: References: Message-ID: Merge request !2049 was approved by Zolt?n Fridrich Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/2049 Project:Branches: dueno/gnutls:wip/dueno/pkcs11-thread-fixes to gnutls/gnutls:master Author: Daiki Ueno Assignees: Reviewers: Alexander Sosedkin and Zolt?n Fridrich -- You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jan 6 02:14:27 2026 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 06 Jan 2026 01:14:27 +0000 Subject: [gnutls-devel] GnuTLS | pkcs11: properly fall back to thread-unsafe module init (!2049) In-Reply-To: References: Message-ID: Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/2049#note_2985123659 Thanks Zoltan for the review! -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/2049#note_2985123659 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jan 6 02:14:33 2026 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 06 Jan 2026 01:14:33 +0000 Subject: [gnutls-devel] GnuTLS | pkcs11: properly fall back to thread-unsafe module init (!2049) In-Reply-To: References: Message-ID: Merge request !2049 was merged Merge request URL: https://gitlab.com/gnutls/gnutls/-/merge_requests/2049 Project:Branches: dueno/gnutls:wip/dueno/pkcs11-thread-fixes to gnutls/gnutls:master Author: Daiki Ueno Reviewers: Alexander Sosedkin and Zolt?n Fridrich -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/2049 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jan 6 02:14:33 2026 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 06 Jan 2026 01:14:33 +0000 Subject: [gnutls-devel] GnuTLS | p11tool stopped showing token (#1774) In-Reply-To: References: Message-ID: Issue was closed by Daiki Ueno with merge request !2049 (https://gitlab.com/gnutls/gnutls/-/merge_requests/2049) Issue #1774: https://gitlab.com/gnutls/gnutls/-/issues/1774 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1774 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Tue Jan 6 02:17:09 2026 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Tue, 06 Jan 2026 01:17:09 +0000 Subject: [gnutls-devel] GnuTLS | srptool: fix stack buffer overflow with large SRP groups (!2050) In-Reply-To: References: Message-ID: Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/merge_requests/2050#note_2985125359 @grey3228 Could you apply the indentation fix proposed at https://gitlab.com/grey3228/gnutls/-/jobs/12537214593#L56 ? Maybe you could do that by running devel/indent-gnutls if you have a decent version of clang-format. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/2050#note_2985125359 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Wed Jan 7 22:02:15 2026 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Wed, 07 Jan 2026 21:02:15 +0000 Subject: [gnutls-devel] libtasn1 | Fix for CVE-2025-13151 Buffer overflow (!121) References: Message-ID: Vijay Sarvepalli created a merge request: https://gitlab.com/gnutls/libtasn1/-/merge_requests/121 Project:Branches: sei-vsarvepalli/libtasn1:security_fix to gnutls/libtasn1:master Author: Vijay Sarvepalli Add a description of the new feature/bug fix. Reference any relevant bugs. ## Checklist * [ X ] Code modified for feature * [ O ] Test suite updated with functionality tests * [ O ] Test suite updated with negative tests * [ X ] Documentation updated ## Reviewer's checklist: * [ ] There is a test suite reasonably covering new functionality or modifications * [ ] Function naming, parameters, return values, types, etc., are consistent with other code * [ ] This feature/change has adequate documentation added * [ ] No obvious mistakes in the code -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/libtasn1/-/merge_requests/121 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Jan 8 14:55:58 2026 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 08 Jan 2026 13:55:58 +0000 Subject: [gnutls-devel] libtasn1 | Fix for CVE-2025-13151 Buffer overflow (!121) In-Reply-To: References: Message-ID: Simon Josefsson commented: https://gitlab.com/gnutls/libtasn1/-/merge_requests/121#note_2991871509 Thank you! Manually merged into v4.21.0 release -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/libtasn1/-/merge_requests/121#note_2991871509 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Jan 8 14:55:59 2026 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 08 Jan 2026 13:55:59 +0000 Subject: [gnutls-devel] libtasn1 | Fix for CVE-2025-13151 Buffer overflow (!121) In-Reply-To: References: Message-ID: Merge request !121 was closed by Simon Josefsson Merge request URL: https://gitlab.com/gnutls/libtasn1/-/merge_requests/121 Project:Branches: sei-vsarvepalli/libtasn1:security_fix to gnutls/libtasn1:master Author: Vijay Sarvepalli Assignees: Reviewers: -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/libtasn1/-/merge_requests/121 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Jan 8 14:57:08 2026 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 08 Jan 2026 13:57:08 +0000 Subject: [gnutls-devel] libtasn1 | Ongoing security disclosure access (#56) In-Reply-To: References: Message-ID: Issue was closed by Simon Josefsson Issue #56: https://gitlab.com/gnutls/libtasn1/-/issues/56 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/libtasn1/-/issues/56 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Jan 8 14:57:10 2026 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 08 Jan 2026 13:57:10 +0000 Subject: [gnutls-devel] libtasn1 | Ongoing security disclosure access (#56) In-Reply-To: References: Message-ID: Simon Josefsson commented: https://gitlab.com/gnutls/libtasn1/-/issues/56#note_2991876487 Should be fixed now with v4.21.0, thank you! -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/libtasn1/-/issues/56#note_2991876487 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Thu Jan 8 14:57:58 2026 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Thu, 08 Jan 2026 13:57:58 +0000 Subject: [gnutls-devel] libtasn1 | Tarball reproducibility bug (#54) In-Reply-To: References: Message-ID: Simon Josefsson commented: https://gitlab.com/gnutls/libtasn1/-/issues/54#note_2991879537 I made some changes for v4.21.0, let's see how it works out. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/libtasn1/-/issues/54#note_2991879537 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Jan 9 03:09:42 2026 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 09 Jan 2026 02:09:42 +0000 Subject: [gnutls-devel] libtasn1 | doc: add security advisory for CVE-2025-13151 (!122) References: Message-ID: Daiki Ueno created a merge request: https://gitlab.com/gnutls/libtasn1/-/merge_requests/122 Project:Branches: dueno/libtasn1:wip/advisory/cve-2025-13151 to gnutls/libtasn1:master Author: Daiki Ueno This adds a security advisory for CVE-2025-13151 under doc/. ## Checklist * [ ] Code modified for feature * [ ] Test suite updated with functionality tests * [ ] Test suite updated with negative tests * [x] Documentation updated ## Reviewer's checklist: * [ ] There is a test suite reasonably covering new functionality or modifications * [ ] Function naming, parameters, return values, types, etc., are consistent with other code * [ ] This feature/change has adequate documentation added * [ ] No obvious mistakes in the code -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/libtasn1/-/merge_requests/122 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Jan 9 03:11:14 2026 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 09 Jan 2026 02:11:14 +0000 Subject: [gnutls-devel] libtasn1 | doc: add security advisory for CVE-2025-13151 (!122) In-Reply-To: References: Message-ID: Daiki Ueno commented: https://gitlab.com/gnutls/libtasn1/-/merge_requests/122#note_2993246385 @sei-vsarvepalli @jas could you check? -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/libtasn1/-/merge_requests/122#note_2993246385 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Jan 9 11:10:35 2026 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 09 Jan 2026 10:10:35 +0000 Subject: [gnutls-devel] libtasn1 | doc: add security advisory for CVE-2025-13151 (!122) In-Reply-To: References: Message-ID: Merge request !122 was merged Merge request URL: https://gitlab.com/gnutls/libtasn1/-/merge_requests/122 Project:Branches: dueno/libtasn1:wip/advisory/cve-2025-13151 to gnutls/libtasn1:master Author: Daiki Ueno -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/libtasn1/-/merge_requests/122 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Jan 9 17:06:39 2026 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 09 Jan 2026 16:06:39 +0000 Subject: [gnutls-devel] libtasn1 | doc: add security advisory for CVE-2025-13151 (!122) In-Reply-To: References: Message-ID: Merge request https://gitlab.com/gnutls/libtasn1/-/merge_requests/122 was reviewed by Vijay Sarvepalli -- Vijay Sarvepalli commented on a discussion: https://gitlab.com/gnutls/libtasn1/-/merge_requests/122#note_2994986010 Looks good and clear to me. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/libtasn1/-/merge_requests/122 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Fri Jan 9 17:06:39 2026 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Fri, 09 Jan 2026 16:06:39 +0000 Subject: [gnutls-devel] libtasn1 | doc: add security advisory for CVE-2025-13151 (!122) In-Reply-To: References: Message-ID: Vijay Sarvepalli commented: https://gitlab.com/gnutls/libtasn1/-/merge_requests/122#note_2994986026 looks good. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/libtasn1/-/merge_requests/122#note_2994986026 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sat Jan 10 08:18:49 2026 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sat, 10 Jan 2026 07:18:49 +0000 Subject: [gnutls-devel] GnuTLS | GnuTLS uses expired CRLs without warning (#1781) References: Message-ID: Joyanta Debnath created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1781 ## Description of problem: GnuTLS does not explicitly check whether a CRL has expired at the time of validation. As a result, it continues to perform revocation checks using expired CRLs without raising any warnings or errors for the user. https://github.com/gnutls/gnutls/blob/0b7e7690a5744a501b887dd3a53e74c384b82a3c/lib/x509/x509.c#L3239 ## Version of gnutls used: latest or older ## Distributor of gnutls (e.g., Ubuntu, Fedora, RHEL) Ubuntu ## Actual results: Accepts CRL for certificate validation ## Expected results: Rejects CRL for certificate validation -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1781 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Jan 11 00:11:36 2026 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sat, 10 Jan 2026 23:11:36 +0000 Subject: [gnutls-devel] GnuTLS | GnuTLS uses expired CRLs without warning (#1781) In-Reply-To: References: Message-ID: Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/issues/1781#note_2996874484 Could you provide a reproducer? I suspect you are looking at a wrong code path; note that the CRL check is done in 2 phases: first with `gnutls_x509_crl_verify` (called by `gnutls_x509_trust_list_add_crls`) and then the call to `_gnutls_x509_crt_check_revocation` to each certificates (in `gnutls_x509_trust_list_verify_crt2`). `gnutls_x509_crl_verify` does have checks for CRL expiration: https://gitlab.com/gnutls/gnutls/-/blob/0b7e7690a5744a501b887dd3a53e74c384b82a3c/lib/x509/verify.c#L1786 I believe those are already exercised in our tests under: https://gitlab.com/gnutls/gnutls/-/blob/0b7e7690a5744a501b887dd3a53e74c384b82a3c/tests/cert-tests/crl.sh#L108 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1781#note_2996874484 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Jan 11 00:18:32 2026 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sat, 10 Jan 2026 23:18:32 +0000 Subject: [gnutls-devel] GnuTLS | gnutls-cli (Version 3.8.10) on macOS aborts with "Curve 1.3.36.3.3.2.8.1.1.7 is not supported" and assertions when server cert uses brainpoolP256r1 (#1767) In-Reply-To: References: Message-ID: Issue was closed by Daiki Ueno Issue #1767: https://gitlab.com/gnutls/gnutls/-/issues/1767 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1767 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Jan 11 00:18:33 2026 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sat, 10 Jan 2026 23:18:33 +0000 Subject: [gnutls-devel] GnuTLS | gnutls-cli (Version 3.8.10) on macOS aborts with "Curve 1.3.36.3.3.2.8.1.1.7 is not supported" and assertions when server cert uses brainpoolP256r1 (#1767) In-Reply-To: References: Message-ID: Daiki Ueno commented: https://gitlab.com/gnutls/gnutls/-/issues/1767#note_2996881589 I'm closing this as I think the questions here are answered. If you need support for Brainpool curves, please open another issue. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1767#note_2996881589 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Sun Jan 11 13:27:42 2026 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Sun, 11 Jan 2026 12:27:42 +0000 Subject: [gnutls-devel] libtasn1 | autoreconf on 4.2.21 sets wromg mtime for doc/libtasn1.texi (#57) References: Message-ID: Andreas Metzler created an issue: https://gitlab.com/gnutls/libtasn1/-/issues/57 Hello, 4.2.21 fails to build on make check after autoreconf if texinfo is not installed: ``` WARNING: 'makeinfo' is missing on your system. You should only need it if you modified a '.texi' file, or any other file indirectly affecting the aspect of the manual. You might want to install the Texinfo package: The spurious makeinfo call might also be the consequence of using a buggy 'make' (AIX, DU, IRIX), in which case you might want to install GNU make: make[3]: *** [Makefile:1765: libtasn1.info] Error 127 ``` I think this is the reason why, libtasn1.texi mtime is set to 0 by ./configure. ``` (sid)ametzler at argenau:/tmp/TASN/libtasn1$ ls -l doc/libtasn1.texi ; head doc/version.texi ; autoreconf ; ls -l doc/libtasn1.texi ; head doc/version.texi ; ./configure > /dev/null 2>&1 ; ls -l doc/libtasn1.texi ; head doc/version.texi -rw-r--r-- 1 ametzler ametzler 10949 Jan 8 12:19 doc/libtasn1.texi @set UPDATED 8 January 2026 @set UPDATED-MONTH January 2026 @set EDITION 4.21.0 @set VERSION 4.21.0 -rw-r--r-- 1 ametzler ametzler 10949 Jan 8 12:19 doc/libtasn1.texi @set UPDATED 8 January 2026 @set UPDATED-MONTH January 2026 @set EDITION 4.21.0 @set VERSION 4.21.0 -rw-r--r-- 1 ametzler ametzler 10949 Jan 1 1970 doc/libtasn1.texi @set UPDATED 8 January 2026 @set UPDATED-MONTH January 2026 @set EDITION 4.21.0 @set VERSION 4.21.0 ``` At build time this code in doc/Makefile is triggered because the mtime recorded in version.texi does not match the relal mtime of libtasn1.texi: ``` $(srcdir)/version.texi: $(srcdir)/stamp-vti $(srcdir)/stamp-vti: libtasn1.texi $(top_srcdir)/configure @(dir=.; test -f ./libtasn1.texi || dir=$(srcdir); \ set `$(SHELL) $(top_srcdir)/build-aux/mdate-sh $$dir/libtasn1.texi`; \ echo "@set UPDATED $$1 $$2 $$3"; \ echo "@set UPDATED-MONTH $$2 $$3"; \ echo "@set EDITION $(VERSION)"; \ echo "@set VERSION $(VERSION)") > vti.tmp$$$$ && \ (cmp -s vti.tmp$$$$ $(srcdir)/version.texi \ || (echo "Updating $(srcdir)/version.texi" && \ cp vti.tmp$$$$ $(srcdir)/version.texi.tmp$$$$ && \ mv $(srcdir)/version.texi.tmp$$$$ $(srcdir)/version.texi)) && \ rm -f vti.tmp$$$$ $(srcdir)/version.texi.$$$$ @cp $(srcdir)/version.texi $@ ``` Now version.texi is newer than libtasn1.info and the latter is out of date and make thinks it needs to be rebuilt. The code for settig the wrong time-stamp is in configure.ac ``` st_help2man=0 st_touch=197001010000.00 AC_MSG_CHECKING([for timestamps of last git commit]) if test -e "$srcdir"/.git && command -v git > /dev/null; then if tmp=$(git log -1 --format=%cd --date=unix); then st_help2man="$tmp" fi if tmp=$(env TZ=UTC0 git log -1 --format=%cd --date=format-local:%Y%m%d%H%M.%S); then st_touch="$tmp" fi fi AC_SUBST(SOURCETIME_HELP2MAN, "${SOURCETIME_HELP2MAN:-$st_help2man}") AC_MSG_RESULT(help2man $SOURCETIME_HELP2MAN touch $st_touch) env TZ=UTC0 \ touch -m -t "$st_touch" \ "$srcdir"/NEWS.md "$srcdir"/doc/$PACKAGE.texi ``` -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/libtasn1/-/issues/57 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jan 12 08:43:47 2026 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 12 Jan 2026 07:43:47 +0000 Subject: [gnutls-devel] libtasn1 | autoreconf on 4.2.21 sets wromg mtime for doc/libtasn1.texi (#57) In-Reply-To: References: Message-ID: Simon Josefsson commented: https://gitlab.com/gnutls/libtasn1/-/issues/57#note_2998087542 Thank you, great catch! Indeed `makeinfo` shouldn't be a required tool when building. It seems getting this right is rather tricky... I noticed that Bruno Haible's recent `git-merge-changelog` package uses a `version.sh` for similar information. It feels a bit redundant because the information is in `NEWS`. I wonder why not any of our CI/CD jobs caught this. I'll see if it is possible to reproduce. My initial idea to solve this is to avoid using git to find out the last commit date, and just use the last release date from `NEWS` instead. I'm not yet sure what the best fix to avoid touching the file when building from a tarball though. Maybe touching the file should go into `./bootstrap` instead of `./configure`. -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/libtasn1/-/issues/57#note_2998087542 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: From gnutls-devel at lists.gnutls.org Mon Jan 12 12:03:19 2026 From: gnutls-devel at lists.gnutls.org (Read-only notification of GnuTLS library development activities) Date: Mon, 12 Jan 2026 11:03:19 +0000 Subject: [gnutls-devel] GnuTLS | srptool: fix stack buffer overflow with large SRP groups (!2050) In-Reply-To: References: Message-ID: Mikhail Dmitrichenko commented on a discussion: https://gitlab.com/gnutls/gnutls/-/merge_requests/2050#note_2998611149 sure, done -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/merge_requests/2050#note_2998611149 You're receiving this email because of your account on gitlab.com. -------------- next part -------------- An HTML attachment was scrubbed... URL: