doc update

author: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2016-04-19 22:37:22 +0200
committer: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2016-04-19 22:37:22 +0200
commit: 8de6e09f7d0f3f84e462371289023f2ce6c95553 (patch)
tree: a6dccc65369b002caee6a44b4fb4c9fce252bbc2
parent: 68553a7df109d75b38817e1ed5cc9f997dc962d1 (diff)
download: gnutls-8de6e09f7d0f3f84e462371289023f2ce6c95553.tar.gz
1 files changed, 2 insertions, 1 deletions
diff --git a/NEWS b/NEWS
index 4e987959bc..7aa96ea158 100644
--- a/NEWS
+++ b/NEWS
@@ -33,7 +33,8 @@ See the end for copying conditions.
 ** libgnutls: On a rehandshake ensure that the certificate of the peer (if
    available) is the same as in previous handshakes. That is to protect
    applications which do not check user credentials on rehandshakes from
-   attacks related to unsafe renegotiation.
+   attacks related to unsafe renegotiation. This can be overriden using
+   the %GNUTLS_ALLOW_CERT_CHANGE flag in gnutls_init().
 
 ** libgnutls: Follow RFC5280 strictly in name constraints computation. The
    permitted subtrees is intersected with any previous values. Report and
author	Nikos Mavrogiannopoulos <nmav@gnutls.org>	2016-04-19 22:37:22 +0200
committer	Nikos Mavrogiannopoulos <nmav@gnutls.org>	2016-04-19 22:37:22 +0200
commit	8de6e09f7d0f3f84e462371289023f2ce6c95553 (patch)
tree	a6dccc65369b002caee6a44b4fb4c9fce252bbc2
parent	68553a7df109d75b38817e1ed5cc9f997dc962d1 (diff)
download	gnutls-8de6e09f7d0f3f84e462371289023f2ce6c95553.tar.gz