diff options
author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2020-01-15 14:44:22 +0100 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2020-01-15 14:44:31 +0100 |
commit | 4023d63f0b2795c0c0447282c808671ae8503ac3 (patch) | |
tree | 4f6e6ddc3403f52f4c468597af452857a18bfec5 | |
parent | 0ddd79afb47149cd49690b3a89b9a8ca79acd29b (diff) | |
download | gnutls-4023d63f0b2795c0c0447282c808671ae8503ac3.tar.gz |
doc update [ci skip]
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
-rw-r--r-- | NEWS | 3 |
1 files changed, 3 insertions, 0 deletions
@@ -31,6 +31,9 @@ See the end for copying conditions. for all certificate verifications, not only under TLS. The configuration can be overriden using the GNUTLS_SYSTEM_PRIORITY_FILE environment variable. +** libgnutls: The stapled OCSP certificate verification adheres to the convention + used throughout the library of setting the 'GNUTLS_CERT_INVALID' flag. + ** libgnutls: Reject certificates which contain duplicate extensions. We were previously printing warnings when printing such a certificate, but that is insufficient to flag such certificates as invalid. Instead we now refuse to |