-rw-r--r-- NEWS 27
1 files changed, 27 insertions, 0 deletions
diff --git a/NEWS b/NEWS
index 755a67c88c..982c801237 100644
--- a/NEWS
+++ b/NEWS
@@ -5,6 +5,33 @@ Copyright (C) 2000-2016 Free Software Foundation, Inc.
Copyright (C) 2013-2019 Nikos Mavrogiannopoulos
See the end for copying conditions.
+* Version 3.6.15 (unreleased)
+
+** libgnutls: If FIPS self-tests are failed, gnutls_fips140_mode_enabled() now
+ indicates that with a false return value (!1306).
+
+** libgnutls: Under FIPS mode, the generated ECDH/DH public keys are checked
+ accordingly to SP800-56A rev 3 (!1295, !1299).
+
+** libgnutls: gnutls_x509_crt_export2() now returns 0 upon success, rather than
+ the size of the internal base64 blob (#1025). The new behavior aligns to the
+ existing documentation.
+
+** libgnutls: Certificate verification failue due to OCSP must-stapling is not
+ honered is now correctly marked with the GNUTLS_CERT_INVALID flag
+ (!1317). The new behavior aligns to the existing documentation.
+
+** libgnutls: The audit log message for weak hashes is no longer printed twice
+ (!1301).
+
+** libgnutls: Fixed version negotiation when TLS 1.3 is enabled and TLS 1.2 is
+ disabled in the priority string. Previously, even when TLS 1.2 is explicitly
+ disabled with "-VERS-TLS1.2", the server still offered TLS 1.2 if TLS 1.3 is
+ enabled (#1054).
+
+** API and ABI modifications:
+No changes since last version.
+
* Version 3.6.14 (released 2020-06-03)
** libgnutls: Fixed insecure session ticket key construction, since 3.6.4.
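Review bot: The OCSP must-stapling entry under 3.6.15 has two misspellings and a clause that does not parse ("failue", "honered", "is not honered is now"); suggest "Certificate verification failure due to OCSP must-stapling not being honored is now correctly marked with the GNUTLS_CERT_INVALID flag". In the ECDH/DH entry, "accordingly to SP800-56A rev 3" should read "according to". Separately, the gnutls_x509_crt_export2() entry describes a return value change (0 on success instead of the base64 blob size), and the gnutls_fips140_mode_enabled() entry describes a new false return after failed self-tests, while the "API and ABI modifications" section says "No changes since last version". Callers that test the export2 return value for a positive number would see different behaviour, so consider cross-referencing both entries from that section or stating there that signatures are unchanged but return semantics are not.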