diff options
author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-03-01 09:43:59 +0100 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-03-01 09:43:59 +0100 |
commit | fa08b3e38fb2ae4f745d8e518b1d4df7892b2022 (patch) | |
tree | 86d804facc35a0891e37ddb5c65363531af8f645 | |
parent | 68c895e9ba7a1c98e96eccf3c30207277d2dea2d (diff) | |
download | gnutls-fa08b3e38fb2ae4f745d8e518b1d4df7892b2022.tar.gz |
doc update
-rw-r--r-- | NEWS | 17 |
1 files changed, 13 insertions, 4 deletions
@@ -19,12 +19,18 @@ See the end for copying conditions. With the current code, the SANs are parsed once on certificate import. ** libgnutls: Addressed integer overflow resulting to invalid memory write - in OpenPGP certificate parsing (issue found using oss-fuzz project: - https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=420 ) + in OpenPGP certificate parsing. Issue found using oss-fuzz project: + https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=420 ** libgnutls: Addressed read of 1 byte past the end of buffer in OpenPGP - certificate parsing (issue found using oss-fuzz project: - https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=391 ) + certificate parsing. Issue found using oss-fuzz project: + https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=391 + +** libgnutls: Addressed crashes in OpenPGP certificate parsing, related + to private key parser. No longer allow OpenPGP certificates (public keys) + to contain private key sub-packets. Issue found using oss-fuzz project: + https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=354 + https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=360 ** libgnutls: Print the key PIN value used by the HPKP protocol as per RFC7469 when printing certificate information. @@ -39,6 +45,9 @@ See the end for copying conditions. GNUTLS_SCOMMIT_FLAG_ALLOW_BROKEN. This is to allow the function to operate in applications which use SHA1 for example, after SHA1 is deprecated. +** certtool: No longer ignore the 'add_critical_extension' template option if + the 'add_extension' option is not present. + ** gnutls-cli: Added LMTP, POP3, NNTP, Sieve and PostgreSQL support to the starttls-proto command. Patch by Robert Scheck. |