NEWS: doc updatetmp-added-reproducer-for-960

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
author: Nikos Mavrogiannopoulos <nmav@redhat.com> 2020-03-29 21:30:37 +0200
committer: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2020-03-30 08:49:17 +0200
commit: b644490c727b5c840c6c5b1b856a9886106a84b3 (patch)
tree: a5a5564dc994a19db144c7eed898f8be08b82567
parent: ac2f71b892d13a7ab4cc39086eef179042c7e23c (diff)
download: gnutls-tmp-added-reproducer-for-960.tar.gz
1 files changed, 5 insertions, 0 deletions
diff --git a/NEWS b/NEWS
index 48a2c0c5da..538a9afe5d 100644
--- a/NEWS
+++ b/NEWS
@@ -7,6 +7,10 @@ See the end for copying conditions.
 
 * Version 3.6.13 (unreleased)
 
+** libgnutls: Fix a DTLS-protocol regression (caused by TLS1.3 support), since 3.6.3.
+   The DTLS client would not contribute any randomness to the DTLS negotiation,
+   breaking the security guarantees of the DTLS protocol (#960) [CVSS: high]
+
 ** libgnutls: Added new APIs to access KDF algorithms (#813).
 
 ** libgnutls: Added new callback gnutls_keylog_func that enables a custom
@@ -27,6 +31,7 @@ gnutls_psk_set_client_credentials2: Added
 gnutls_psk_set_client_credentials_function2: Added
 gnutls_psk_set_server_credentials_function2: Added
 
+
 ** gnutls-cli-debug: Improved support for old servers that only support
    SSL 3.0.
author	Nikos Mavrogiannopoulos <nmav@redhat.com>	2020-03-29 21:30:37 +0200
committer	Nikos Mavrogiannopoulos <nmav@gnutls.org>	2020-03-30 08:49:17 +0200
commit	b644490c727b5c840c6c5b1b856a9886106a84b3 (patch)
tree	a5a5564dc994a19db144c7eed898f8be08b82567
parent	ac2f71b892d13a7ab4cc39086eef179042c7e23c (diff)
download	gnutls-tmp-added-reproducer-for-960.tar.gz