authorDaiki Ueno <ueno@gnu.org>2021-05-24 09:20:58 +0200
committerDaiki Ueno <ueno@gnu.org>2021-05-24 09:37:40 +0200
commit95342ca6b0f96453ee4dd93f113e46e8d5cabac0 (patch)
treec8a8629950b6cc46d5bd6d29acff5c1bf2a693e5
parent781b8be4fc5cbab24e74586ca8f4c229531ea167 (diff)
Release 3.6.163.6.16gnutls_3_6_x
Signed-off-by: Daiki Ueno <ueno@gnu.org>
-rw-r--r--NEWS20
-rw-r--r--configure.ac2
-rw-r--r--m4/hooks.m42
3 files changed, 21 insertions, 3 deletions
diff --git a/NEWS b/NEWS
index 589e6e79b5..5d30927f9a 100644
--- a/NEWS
+++ b/NEWS
@@ -5,7 +5,25 @@ Copyright (C) 2000-2016 Free Software Foundation, Inc.
Copyright (C) 2013-2019 Nikos Mavrogiannopoulos
See the end for copying conditions.
-* Version 3.6.15 (releases 2020-09-04)
+* Version 3.6.16 (released 2021-05-24)
+
+** libgnutls: Fixed potential miscalculation of ECDSA/EdDSA code backported from
+ Nettle. In GnuTLS, as long as it is built and linked against the fixed
+ version of Nettle, this only affects GOST curves. [CVE-2021-20305]
+
+** libgnutls: Fixed potential use-after-free in sending "key_share"
+ and "pre_shared_key" extensions. When sending those extensions, the
+ client may dereference a pointer no longer valid after
+ realloc. This happens only when the client sends a large Client
+ Hello message, e.g., when HRR is sent in a resumed session
+ previously negotiated large FFDHE parameters, because the initial
+ allocation of the buffer is large enough without having to call
+ realloc (#1151). [GNUTLS-SA-2021-03-10, CVSS: low]
+
+** API and ABI modifications:
+No changes since last version.
+
+* Version 3.6.15 (released 2020-09-04)
** libgnutls: Fixed "no_renegotiation" alert handling at incorrect timing.
The server sending a "no_renegotiation" alert in an unexpected timing,
diff --git a/configure.ac b/configure.ac
index 70ae457751..ce2efa8775 100644
--- a/configure.ac
+++ b/configure.ac
@@ -23,7 +23,7 @@ dnl Process this file with autoconf to produce a configure script.
AC_PREREQ(2.63)
dnl when updating version also update LT_REVISION in m4/hooks.m4
-AC_INIT([GnuTLS], [3.6.15], [bugs@gnutls.org])
+AC_INIT([GnuTLS], [3.6.16], [bugs@gnutls.org])
AC_CONFIG_AUX_DIR([build-aux])
AC_CONFIG_MACRO_DIRS([m4 src/gl/m4 src/libopts/m4 lib/unistring/m4])
AC_CANONICAL_HOST
diff --git a/m4/hooks.m4 b/m4/hooks.m4
index 1faab6465f..e1248c77f2 100644
--- a/m4/hooks.m4
+++ b/m4/hooks.m4
@@ -41,7 +41,7 @@ AC_DEFUN([LIBGNUTLS_HOOKS],
#
# Interfaces removed: AGE=0 (+bump all symbol versions in .map)
AC_SUBST(LT_CURRENT, 58)
- AC_SUBST(LT_REVISION, 1)
+ AC_SUBST(LT_REVISION, 2)
AC_SUBST(LT_AGE, 28)
AC_SUBST(LT_SSL_CURRENT, 27)