diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2014-05-29 19:43:09 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2014-05-30 07:10:32 +0200 |
commit | adcb54e54e36c2bb6a1a32b81e64fca53ab37ea6 (patch) | |
tree | 7b2511a1ad7aed4062a791edd0f06ea6ec8b0921 | |
parent | b1740b885da6d1613d8c58dba01242f7b0204c08 (diff) | |
download | gnutls-adcb54e54e36c2bb6a1a32b81e64fca53ab37ea6.tar.gz |
doc updategnutls_3_2_15
-rw-r--r-- | NEWS | 12 |
1 files changed, 5 insertions, 7 deletions
@@ -3,24 +3,22 @@ Copyright (C) 2000-2014 Free Software Foundation, Inc. Copyright (C) 2013, 2014 Nikos Mavrogiannopoulos See the end for copying conditions. -* Version 3.2.15 (unreleased) +* Version 3.2.15 (released 2014-05-30) -** libgnutls: Eliminated null pointer dereferences in ASN.1 parser. -Issues discovered using the Codenomicon TLS test suite. - -** libgnutls: Eliminated null pointer dereference in ciphersuite parsing. +** libgnutls: Eliminated memory corruption issue in Server Hello parsing. Issue reported by Joonas Kuorilehto of Codenomicon. ** libgnutls: Several memory leaks caused by error conditions were fixed. The leaks were identified using valgrind and the Codenomicon TLS test suite. -** libgnutls: increased the maximum certificate size buffer +** libgnutls: Increased the maximum certificate size buffer in the PKCS #11 subsystem. ** libgnutls: Check the return code of getpwuid_r() instead of relying on the result value. That avoids issue in certain systems, when using -tofu authentication and the home path cannot be determined. +tofu authentication and the home path cannot be determined. Issue reported +by Viktor Dukhovni. ** gnutls-cli: if dane is requested but not PKIX verification, then only do verify the end certificate. |