[mod_gnutls-devel] Bugfix release: mod_gnutls 0.9.1
fiona.klute at gmx.de
Fri Nov 29 19:29:20 CET 2019
I have just uploaded a new source archive and matching signature to
https://mod.gnutls.org/downloads/ as well as the signed mod_gnutls/0.9.1
tag to the git repositories [1, 2].
* Fix possible segfault (NULL pointer dereference) on failed TLS
handshake. Calling ssl_var_lookup() after a failed handshake could lead
to GnuTLS session information functions being called on a NULL session
pointer, leading to segfault.
* Remove URLs from expected error responses in the test suite. Apache
HTTPD removed request URLs from canned error messages to prevent
misleading text/links being displayed via crafted links
(CVE-2019-10092). Adjust the expected error responses in our tests so
they can pass again.
* Test suite: Ignore "Content-Length" header of responses. Thanks to
* Add a section about module dependencies on socache to the handbook
* Restructure the manpage build and move it to section 5 (config files)
* Test suite: Restructure certificate directories
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 833 bytes
Desc: OpenPGP digital signature
More information about the mod_gnutls-devel