[gnutls-help] gnutls 3.7.8
monk at unboiled.info
Tue Sep 27 18:29:55 CEST 2022
We have just released gnutls-3.7.8.
This is a bug fix and enhancement release on the 3.7.x branch.
We would like to thank everyone who contributed in this release:
Alexander Sosedkin, Andreas Metzler, Daiki Ueno, Doug Nazar,
František Krenželok, Martin Storsjö, Simon Josefsson, Stanislav Zidek,
Tobias Heider and Zoltán Fridrich.
The detailed list of changes follows:
* Version 3.7.8 (released 2022-09-27)
** libgnutls: In FIPS140 mode, RSA signature verification is an approved
operation if the key has modulus with known sizes (1024, 1280,
1536, and 1792 bits), in addition to any modulus sizes larger than
2048 bits, according to SP800-131A rev2.
** libgnutls: gnutls_session_channel_binding performs additional checks when
GNUTLS_CB_TLS_EXPORTER is requested. According to RFC9622 4.2, the
"tls-exporter" channel binding is only usable when the handshake is
bound to a unique master secret (i.e., either TLS 1.3 or extended
master secret extension is negotiated). Otherwise the function now
** libgnutls: usage of the following functions, which are designed to
loosen restrictions imposed by allowlisting mode of configuration,
has been additionally restricted. Invoking them is now only allowed
if system-wide TLS priority string has not been initialized yet:
** API and ABI modifications:
No changes since last version.
Getting the Software
GnuTLS may be downloaded directly from
A list of GnuTLS mirrors can be found at
Here are the XZ compressed sources:
Here are OpenPGP detached signatures signed using keys:
Note that it has been signed with my OpenPGP key:
pub rsa4096 2016-09-27 [SC]
uid [ultimate] Alexander Sosedkin <monk at unboiled.info>
sub rsa4096 2016-09-27 [E]
sub rsa4096 2016-09-27 [S]
Zoltán Fridrich's OpenPGP key:
pub ed25519 2021-12-23 [SC] [expires: 2023-12-23]
uid [ultimate] Zoltan Fridrich <zfridric at redhat.com>
sub cv25519 2021-12-23 [E] [expires: 2023-12-23]
and Daiki Ueno's OpenPGP key:
pub rsa4096 2009-07-23 [SC] [expires: 2023-09-25]
uid [ultimate] Daiki Ueno <ueno at unixuser.org>
uid [ultimate] Daiki Ueno <ueno at gnu.org>
sub rsa4096 2010-02-04 [E]
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 833 bytes
More information about the Gnutls-help