author | Daiki Ueno <ueno@gnu.org> | 2020-09-04 08:39:00 +0200 |
---|---|---|
committer | Daiki Ueno <ueno@gnu.org> | 2020-09-04 08:39:00 +0200 |
commit | 5dd9a55040da54371807471bf3169d7a9a1f527e (patch) | |
tree | 1ae05e6e3f0e55e4a4abf7a697b9e3a72701913a /NEWS | |
parent | b4787dbefaca4f096ebb1f9c54722db1b51f2b8e (diff) | |
Release 3.6.15
Signed-off-by: Daiki Ueno <ueno@gnu.org>
Diffstat (limited to 'NEWS')
-rw-r--r-- | NEWS | 9 |
1 files changed, 8 insertions, 1 deletions
@@ -5,7 +5,14 @@ Copyright (C) 2000-2016 Free Software Foundation, Inc. Copyright (C) 2013-2019 Nikos Mavrogiannopoulos See the end for copying conditions. -* Version 3.6.15 (unreleased) +* Version 3.6.15 (releases 2020-09-04) + +** libgnutls: Fixed "no_renegotiation" alert handling at incorrect timing. + The server sending a "no_renegotiation" alert in an unexpected timing, + followed by an invalid second handshake was able to cause a TLS 1.3 client to + crash via a null-pointer dereference. The crash happens in the application's + error handling path, where the gnutls_deinit function is called after + detecting a handshake failure (#1071). [GNUTLS-SA-2020-09-04, CVSS: medium] ** libgnutls: If FIPS self-tests are failed, gnutls_fips140_mode_enabled() now indicates that with a false return value (!1306). |
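Review bot: In the changed version header, "(releases 2020-09-04)" should read "(released 2020-09-04)". In the new libgnutls entry, "at incorrect timing" and "in an unexpected timing" are awkward; "at an unexpected time" reads more clearly. The entry states that a TLS 1.3 client can crash via a null-pointer dereference when gnutls_deinit is called after a handshake failure, and it carries an advisory id (GNUTLS-SA-2020-09-04), but it does not say which versions are affected; adding that would let readers of NEWS judge whether they need to upgrade without following the #1071 reference.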