Opened 3 weeks ago

Closed 2 weeks ago

#15094 closed enhancement (fixed)


Reported by: Bruce Dubbs Owned by: Bruce Dubbs
Priority: normal Milestone: 10.2
Component: BOOK Version: git
Severity: normal Keywords:


New point version.

Change History (3)

comment:1 by Bruce Dubbs, 2 weeks ago

Owner: changed from blfs-book to Bruce Dubbs
Status: newassigned

comment:2 by Bruce Dubbs, 2 weeks ago

Version 3.7.2 (released 2021-05-29)

  • libgnutls: The priority string option %DISABLE_TLS13_COMPAT_MODE was added to disable TLS 1.3 middlebox compatibility mode
  • libgnutls: The Linux kernel AF_ALG based acceleration has been added. This can be enabled with --enable-afalg configure option, when libkcapi package is installed.
  • libgnutls: Fixed timing of early data exchange. Previously, the client was sending early data after receiving Server Hello, which not only negates the benefit of 0-RTT, but also works under certain assumptions hold (e.g., the same ciphersuite is selected in initial and resumption handshake).
  • certtool: When signing a CSR, CRL distribution point (CDP) is no longer copied from the signing CA by default.
  • libgnutls: The GNUTLS_NO_EXPLICIT_INIT envvar has been renamed to GNUTLS_NO_IMPLICIT_INIT to reflect the purpose. The former is now deprecated and will be removed in the future releases.
  • certtool: When producing certificates and certificate requests, subject DN components that are provided individually will now be ordered by assumed scale (e.g. Country before State, Organization before OrganizationalUnit). This change also affects the order in which certtool prompts interactively. Please rely on the template mechanism for automated use of certtool!

API and ABI modifications:

  • gnutls_early_cipher_get: Added
  • gnutls_early_prf_hash_get: Added

comment:3 by Bruce Dubbs, 2 weeks ago

Resolution: fixed
Status: assignedclosed

Fixed at revision b278caafeaa4c34c5585ce31233e6dee4ccc6c88

Update to:
Note: See TracTickets for help on using tickets.