diff options
author | Daiki Ueno <ueno@gnu.org> | 2020-09-03 09:51:16 +0200 |
---|---|---|
committer | Daiki Ueno <ueno@gnu.org> | 2020-09-03 13:06:32 +0200 |
commit | b0be5d7c39d4a5f7d29db4630926a4cef7c3edce (patch) | |
tree | 3927532d2baa80554b30d4d446d5250868f988a2 | |
parent | 97f405f5af3c196a6a72cc876e1f693d3ba1407c (diff) | |
download | gnutls-b0be5d7c39d4a5f7d29db4630926a4cef7c3edce.tar.gz |
NEWS: Mention 3.6.15 changestmp-backport-3.6
Signed-off-by: Daiki Ueno <ueno@gnu.org>
-rw-r--r-- | NEWS | 27 |
1 files changed, 27 insertions, 0 deletions
@@ -5,6 +5,33 @@ Copyright (C) 2000-2016 Free Software Foundation, Inc. Copyright (C) 2013-2019 Nikos Mavrogiannopoulos See the end for copying conditions. +* Version 3.6.15 (unreleased) + +** libgnutls: If FIPS self-tests are failed, gnutls_fips140_mode_enabled() now + indicates that with a false return value (!1306). + +** libgnutls: Under FIPS mode, the generated ECDH/DH public keys are checked + accordingly to SP800-56A rev 3 (!1295, !1299). + +** libgnutls: gnutls_x509_crt_export2() now returns 0 upon success, rather than + the size of the internal base64 blob (#1025). The new behavior aligns to the + existing documentation. + +** libgnutls: Certificate verification failue due to OCSP must-stapling is not + honered is now correctly marked with the GNUTLS_CERT_INVALID flag + (!1317). The new behavior aligns to the existing documentation. + +** libgnutls: The audit log message for weak hashes is no longer printed twice + (!1301). + +** libgnutls: Fixed version negotiation when TLS 1.3 is enabled and TLS 1.2 is + disabled in the priority string. Previously, even when TLS 1.2 is explicitly + disabled with "-VERS-TLS1.2", the server still offered TLS 1.2 if TLS 1.3 is + enabled (#1054). + +** API and ABI modifications: +No changes since last version. + * Version 3.6.14 (released 2020-06-03) ** libgnutls: Fixed insecure session ticket key construction, since 3.6.4. |