[gnutls-help] gnutls 3.7.0

Daiki Ueno ueno at gnu.org
Mon Dec 7 11:23:52 CET 2020

Hello Andreas,

Andreas Metzler <ametzler at bebt.de> writes:

> I am wondering about what to ship in the next Debian release, scheduled
> to be frozen in February 2021. Should I stay with 3.6.x or go for 3.7.0?
> As far as can tell 3.7.0 is called 3.7.0 because it added the nettle 3.6
> requirement and made the crypto override APIs a no-op. But apart from
> that the changes and potential for breakage are not biggger than in a
> regular 3.6.x release so I would tend to upload 3.7.0 to Debian/unstable
> ASAP. Any thoughts on that?

IMO that is a sensible choice, except this change, which requires
adjustment in calling sites:

  ** libgnutls: OIDs exposed as gnutls_datum_t no longer account for the
     terminating null bytes, while the data field is null terminated.
     The affected API functions are: gnutls_ocsp_req_get_extension,
     gnutls_ocsp_resp_get_response, and gnutls_ocsp_resp_get_extension

As I don't see any matches of those API functions in the codesearch[1]
other than gnutls28 itself, I guess that's probably okay.


[1]  https://codesearch.debian.net/search?q=gnutls_ocsp_req_get_extension%7Cgnutls_ocsp_resp_get_response%7Cgnutls_ocsp_resp_get_extension&literal=0

Daiki Ueno

More information about the Gnutls-help mailing list