I am happy to announce GnuTLS 1.5.1, the second release on our current development branch. We still recommend the 1.4.x branch as the stable version.
One goal with the 1.5.x branch is to make Windows x86 a supported platform for GnuTLS. We do this by providing a binary Windows installer of GnuTLS, cross-compiled from GNU/Linux using MinGW and NSIS. The installer is (lightly) tested on Windows 2000 and Windows XP. It is possible to develop applications in Visual Studio or MinGW that links to the library. See a separate announcement for the binary installer for this release. And yes, the patches for the security problem fixed by 1.4.4 are included in this release too. GnuTLS is a modern C library that implement the standard network security protocol Transport Layer Security (TLS), for use by network applications. * Version 1.5.1 (released 2006-09-21) ** Fix PKCS#1 verification to avoid a variant of Bleichenbacher's ** Crypto 06 rump session attack. In particular, we check that the digestAlgorithm.parameters field is missing or empty, to avoid that it can contain "garbage" that may be used to alter the numeric properties of the signature. See <http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html> (which is not exactly the same as the problem we fix here). Reported by Yutaka OIWA <[EMAIL PROTECTED]>. See GNUTLS-SA-2006-4 on http://www.gnutls.org/security.html for more up to date information. ** Add self test to test for above flaw. ** Fix gnutls-cli-debug regarding resume support detection. Earlier, if the session-id from the server had a length of 0, it would indicate the the server supports resumption, which isn't the case. Reported by Kataja Kai <[EMAIL PROTECTED]>. ** Fix building of examples on FreeBSD by including netinet/in.h. Reported by Roman Bogorodskiy <[EMAIL PROTECTED]>. ** Fix certtool bug that caused the private key to not be loaded when generating a certificate with --load-request, which in turn triggered another unrelated bug in gnutls_x509_crt_sign2 (also fixed). Reported by Sascha Ziemann <[EMAIL PROTECTED]>. ** gnutls-cli and gnutls-serv works on Windows. The problem was the select() call that doesn't work on file descriptors (stdin) on Windows. We borrowed some code from plibc to solve this. It appears to be somewhat unreliable though. ** Autoconf 2.60 is now used. ** API and ABI modifications: No changes since last version. Improving GnuTLS is costly, but you can help! We are looking for organizations that find GnuTLS useful and wish to contribute back. You can contribute by reporting bugs, improve the software, or donate money or equipment. Commercial support contracts for GnuTLS are available, and they help finance continued maintenance. Simon Josefsson Datakonsult, a Stockholm based privately held company, is currently funding GnuTLS maintenance. We are always looking for interesting development projects. See http://josefsson.org/ for more details. All manual formats are available from: http://www.gnutls.org/manual/ Direct link to the most popular formats: http://www.gnutls.org/manual/gnutls.html - HTML format http://www.gnutls.org/manual/gnutls.pdf - PDF format http://www.gnutls.org/reference/ch01.html - API Reference, GTK-DOC HTML If you need help to use GnuTLS, or want to help others, you are invited to join our help-gnutls mailing list, see: <http://lists.gnu.org/mailman/listinfo/help-gnutls>. The project page of the library is available at: http://www.gnutls.org/ http://www.gnu.org/software/gnutls/ http://josefsson.org/gnutls/ (updated fastest) Here are the compressed sources (4.1MB): http://josefsson.org/gnutls/releases/gnutls-1.5.1.tar.bz2 ftp://ftp.gnutls.org/pub/gnutls/devel/gnutls-1.5.1.tar.bz2 Here are GPG detached signatures signed using key 0xB565716F: http://josefsson.org/gnutls/releases/gnutls-1.5.1.tar.bz2.sig ftp://ftp.gnutls.org/pub/gnutls/devel/gnutls-1.5.1.tar.bz2.sig The software is cryptographically signed by the author using an OpenPGP key identified by the following information: pub 1280R/B565716F 2002-05-05 [expires: 2007-02-15] uid Simon Josefsson <[EMAIL PROTECTED]> uid Simon Josefsson <[EMAIL PROTECTED]> sub 1280R/4D5D40AE 2002-05-05 [expires: 2007-02-15] sub 1024R/09CC4670 2006-03-18 [expires: 2007-04-22] sub 1024R/AABB1F7B 2006-03-18 [expires: 2007-04-22] sub 1024R/A14C401A 2006-03-18 [expires: 2007-04-22] The key is available from: http://josefsson.org/key.txt dns:b565716f.josefsson.org?TYPE=CERT Here are the SHA-1 and SHA-224 checksums: 116cdb641fe176b4f834a2709635eeeb3bf0dd73 gnutls-1.5.1.tar.bz2 ab2a7e281c288bd928dd7fc750e75ff3beb913b6 gnutls-1.5.1.tar.bz2.sig ebf5fadf425f93f04d1eddd71a0940a2d3a97455393be1cb38d92fc5 gnutls-1.5.1.tar.bz2 c5d049ab7df89053b7634285c74c9036963599caba7d6584c4abd14c gnutls-1.5.1.tar.bz2.sig Enjoy, Nikos and Simon
pgpaRJQ62Ny9e.pgp
Description: PGP signature
_______________________________________________ Help-gnutls mailing list [email protected] http://lists.gnu.org/mailman/listinfo/help-gnutls
