diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2016-09-07 22:57:28 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2016-09-07 23:02:52 +0200 |
commit | 5057040fdefc7d6724ef1f1285c73fb36ba67b7f (patch) | |
tree | 65ec34bfc31c9e875b70c603dfedf16604b85f2c | |
parent | c5370274f0039c998a24b3b2fcb163a4979fc577 (diff) | |
download | gnutls-5057040fdefc7d6724ef1f1285c73fb36ba67b7f.tar.gz |
doc update
-rw-r--r-- | NEWS | 7 |
1 files changed, 6 insertions, 1 deletions
@@ -5,6 +5,11 @@ See the end for copying conditions. * Version 3.3.25 (unreleased) +** libgnutls: Corrected the comparison of the serial size in OCSP response. + Previously the OCSP certificate check wouldn't verify the serial length + and could succeed in cases it shouldn't (GNUTLS-SA-2016-3). + Reported by Stefan Buehler. + ** libgnutls: Fixes in gnutls_x509_crt_list_import2, which was ignoring flags if all certificates in the list fit within the initially allocated memory. @@ -12,7 +17,7 @@ See the end for copying conditions. ** libgnutls: Fix gnutls_pkcs12_simple_parse to always extract the complete chain, even when the extra_certs was non-null. Report and fix by Stefan Sørensen. -** libgnutls: Added support for decrypting PKCS#8 files which use HMAC-SHA256 +** libgnutls: Added support for decrypting PKCS#8 files which use the HMAC-SHA256 as PRF. ** libgnutls: Addressed issue with PKCS#11 signature generation on ECDSA |