Opened 7 years ago
Closed 7 years ago
#9339 closed enhancement (fixed)
gnutls-3.5.13
| Reported by: | Owned by: | ||
|---|---|---|---|
| Priority: | normal | Milestone: | 8.1 |
| Component: | BOOK | Version: | SVN |
| Severity: | normal | Keywords: | |
| Cc: |
Description
New point version.
Change History (3)
comment:1 by , 7 years ago
| Owner: | changed from to |
|---|---|
| Status: | new → assigned |
comment:2 by , 7 years ago
- Version 3.5.13 (released 2017-06-07)
- libgnutls: fixed issue with AES-GCM in-place encryption and decryption in aarch64. Resolves gitlab issue #204.
- libgnutls: no longer parse the ResponseID field of the status response TLS extension. The field is not used by GnuTLS nor is made available to calling applications. That addresses a null pointer dereference on server side caused by packets containing the ResponseID field. Reported by Hubert Kario. [GNUTLS-SA-2017-4]
- libgnutls: tolerate certificates which do not have strict DER time encoding. It is possible using 3rd party tools to generate certificates with time fields that do not conform to DER requirements. Since 3.4.x these certificates were rejected and cannot be used with GnuTLS, however that caused problems with existing private certificate infrastructures, which were relying on such certificates (see gitlab issue #196). Tolerate reading and using these certificates.
- minitasn1: updated to libtasn1 4.11.
- certtool: allow multiple certificates to be used in --p7-sign with the --load-certificate option. Patch by Karl Tarbe.
- API and ABI modifications: No changes since last version.
Note:
See TracTickets
for help on using tickets.
