diff options
| author | Daiki Ueno <ueno@gnu.org> | 2021-03-10 05:06:13 +0100 |
|---|---|---|
| committer | Daiki Ueno <ueno@gnu.org> | 2021-03-10 11:28:28 +0100 |
| commit | 3aa1c455cc2fd7f63a0ee6fd90791b46bf06eb79 (patch) | |
| tree | cf79e88714639fe8eb3a6215fc417a9259738d4a | |
| parent | 4c294bd205b46042f0b53c35a658a4604e97e59d (diff) | |
| download | gnutls-3aa1c455cc2fd7f63a0ee6fd90791b46bf06eb79.tar.gz | |
Release 3.7.13.7.1
Signed-off-by: Daiki Ueno <ueno@gnu.org>
| -rw-r--r-- | NEWS | 30 | ||||
| -rw-r--r-- | configure.ac | 2 | ||||
| -rw-r--r-- | m4/hooks.m4 | 2 |
3 files changed, 32 insertions, 2 deletions
@@ -5,6 +5,36 @@ Copyright (C) 2000-2016 Free Software Foundation, Inc. Copyright (C) 2013-2019 Nikos Mavrogiannopoulos See the end for copying conditions. +* Version 3.7.1 (released 2021-03-10) + +** libgnutls: Fixed potential use-after-free in sending "key_share" + and "pre_shared_key" extensions. When sending those extensions, the + client may dereference a pointer no longer valid after + realloc. This happens only when the client sends a large Client + Hello message, e.g., when HRR is sent in a resumed session + previously negotiated large FFDHE parameters, because the initial + allocation of the buffer is large enough without having to call + realloc (#1151). [GNUTLS-SA-2021-03-10, CVSS: low] + +** libgnutls: Fixed a regression in handling duplicated certs in a + chain (#1131). + +** libgnutls: Fixed sending of session ID in TLS 1.3 middlebox + compatibiltiy mode. In that mode the client shall always send a + non-zero session ID to make the handshake resemble the TLS 1.2 + resumption; this was not true in the previous versions (#1074). + +** libgnutls: W32 performance improvement with a new sendmsg()-like + transport implementation (!1377). + +** libgnutls: Removed dependency on the external 'fipscheck' package, + when compiled with --enable-fips140-mode (#1101). + +** libgnutls: Added padlock acceleration for AES-192-CBC (#1004). + +** API and ABI modifications: +No changes since last version. + * Version 3.7.0 (released 2020-12-02) ** libgnutls: Depend on nettle 3.6 (!1322). diff --git a/configure.ac b/configure.ac index ec858b4ab1..126f95ee2e 100644 --- a/configure.ac +++ b/configure.ac @@ -23,7 +23,7 @@ dnl Process this file with autoconf to produce a configure script. AC_PREREQ(2.64) dnl when updating version also update LT_REVISION in m4/hooks.m4 -AC_INIT([GnuTLS], [3.7.0], [bugs@gnutls.org]) +AC_INIT([GnuTLS], [3.7.1], [bugs@gnutls.org]) AC_CONFIG_AUX_DIR([build-aux]) AC_CONFIG_MACRO_DIRS([m4 src/gl/m4 src/libopts/m4 lib/unistring/m4]) AC_CANONICAL_HOST diff --git a/m4/hooks.m4 b/m4/hooks.m4 index ed9a990c1d..09190102cc 100644 --- a/m4/hooks.m4 +++ b/m4/hooks.m4 @@ -41,7 +41,7 @@ AC_DEFUN([LIBGNUTLS_HOOKS], # # Interfaces removed: AGE=0 (+bump all symbol versions in .map) AC_SUBST(LT_CURRENT, 59) - AC_SUBST(LT_REVISION, 0) + AC_SUBST(LT_REVISION, 1) AC_SUBST(LT_AGE, 29) AC_SUBST(LT_SSL_CURRENT, 27) |