Hello, I've just released gnutls 3.2.11. This is a bugfix release on the current stable branch.
This release addresses the security advisory GNUTLS-SA-2014-1 at: http://www.gnutls.org/security.html#GNUTLS-SA-2014-1 * Version 3.2.11 (released 2014-02-13) ** libgnutls: Tolerate servers that send the SUPPORTED ECC extension. ** libgnutls: Reduced the TLS and DTLS version requirements for all ciphersuites that are not GCM. ** libgnutls: When two initial keywords are specified then treat the second as having the '+' modifier. ** libgnutls: When using a PKCS #11 module for verification ensure that it has been marked a trusted policy module in p11-kit. Moreover, when an empty (i.e., "pkcs11:") URL is specified, then try all trusted modules in the system for verification. http://p11-glue.freedesktop.org/doc/p11-kit/pkcs11-conf.html ** libgnutls: Fixed bug that prevented the rejection of v1 intermediate CA certificates. Reported and investigated by Suman Jana. ** certtool: Added the --ask-pass option. ** API and ABI modifications: GNUTLS_PKCS11_TOKEN_TRUSTED: Added GNUTLS_PKCS11_OBJ_FLAG_PRESENT_IN_TRUSTED_MODULE: Added Getting the Software ==================== GnuTLS may be downloaded directly from <ftp://ftp.gnutls.org/gcrypt/gnutls/>. A list of GnuTLS mirrors can be found at <http://www.gnutls.org/download.html>. Here are the XZ and LZIP compressed sources: ftp://ftp.gnutls.org/gcrypt/gnutls/v3.2/gnutls-3.2.11.tar.xz ftp://ftp.gnutls.org/gcrypt/gnutls/v3.2/gnutls-3.2.11.tar.lz Here are OpenPGP detached signatures signed using key 0x96865171: ftp://ftp.gnutls.org/gcrypt/gnutls/v3.2/gnutls-3.2.11.tar.xz.sig ftp://ftp.gnutls.org/gcrypt/gnutls/v3.2/gnutls-3.2.11.tar.lz.sig Note that it has been signed with my openpgp key: pub 3104R/96865171 2008-05-04 [expires: 2028-04-29] uid Nikos Mavrogiannopoulos <nmav <at> gnutls.org> uid Nikos Mavrogiannopoulos <n.mavrogiannopoulos <at> gmail.com> sub 2048R/9013B842 2008-05-04 [expires: 2018-05-02] sub 2048R/1404A91D 2008-05-04 [expires: 2018-05-02] regards, Nikos _______________________________________________ Gnutls-help mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnutls-help
