[gnutls-help] gnutls 3.7.0
ueno at gnu.org
Mon Dec 7 11:23:52 CET 2020
Andreas Metzler <ametzler at bebt.de> writes:
> I am wondering about what to ship in the next Debian release, scheduled
> to be frozen in February 2021. Should I stay with 3.6.x or go for 3.7.0?
> As far as can tell 3.7.0 is called 3.7.0 because it added the nettle 3.6
> requirement and made the crypto override APIs a no-op. But apart from
> that the changes and potential for breakage are not biggger than in a
> regular 3.6.x release so I would tend to upload 3.7.0 to Debian/unstable
> ASAP. Any thoughts on that?
IMO that is a sensible choice, except this change, which requires
adjustment in calling sites:
** libgnutls: OIDs exposed as gnutls_datum_t no longer account for the
terminating null bytes, while the data field is null terminated.
The affected API functions are: gnutls_ocsp_req_get_extension,
gnutls_ocsp_resp_get_response, and gnutls_ocsp_resp_get_extension
As I don't see any matches of those API functions in the codesearch
other than gnutls28 itself, I guess that's probably okay.
More information about the Gnutls-help