From 95342ca6b0f96453ee4dd93f113e46e8d5cabac0 Mon Sep 17 00:00:00 2001
From: Daiki Ueno
Date: Mon, 24 May 2021 09:20:58 +0200
Subject: Release 3.6.16
Signed-off-by: Daiki Ueno
---
 NEWS | 20 +++++++++++++++++++-
 configure.ac | 2 +-
 m4/hooks.m4 | 2 +-
 3 files changed, 21 insertions(+), 3 deletions(-)
diff --git a/NEWS b/NEWS
index 589e6e79b5..5d30927f9a 100644
--- a/NEWS
+++ b/NEWS
@@ -5,7 +5,25 @@ Copyright (C) 2000-2016 Free Software Foundation, Inc.
 Copyright (C) 2013-2019 Nikos Mavrogiannopoulos
 See the end for copying conditions.
-* Version 3.6.15 (releases 2020-09-04)
+* Version 3.6.16 (released 2021-05-24)
+
+** libgnutls: Fixed potential miscalculation of ECDSA/EdDSA code backported from
+ Nettle. In GnuTLS, as long as it is built and linked against the fixed
+ version of Nettle, this only affects GOST curves. [CVE-2021-20305]
+
+** libgnutls: Fixed potential use-after-free in sending "key_share"
+ and "pre_shared_key" extensions. When sending those extensions, the
+ client may dereference a pointer no longer valid after
+ realloc. This happens only when the client sends a large Client
+ Hello message, e.g., when HRR is sent in a resumed session
+ previously negotiated large FFDHE parameters, because the initial
+ allocation of the buffer is large enough without having to call
+ realloc (#1151). [GNUTLS-SA-2021-03-10, CVSS: low]
+
+** API and ABI modifications:
+No changes since last version.
+
+* Version 3.6.15 (released 2020-09-04)
 ** libgnutls: Fixed "no_renegotiation" alert handling at incorrect timing. The server sending a "no_renegotiation" alert in an unexpected timing,
diff --git a/configure.ac b/configure.ac
index 70ae457751..ce2efa8775 100644
--- a/configure.ac
+++ b/configure.ac
@@ -23,7 +23,7 @@ dnl Process this file with autoconf to produce a configure script.
 AC_PREREQ(2.63)
 dnl when updating version also update LT_REVISION in m4/hooks.m4
-AC_INIT([GnuTLS], [3.6.15], [bugs@gnutls.org])
+AC_INIT([GnuTLS], [3.6.16], [bugs@gnutls.org])
 AC_CONFIG_AUX_DIR([build-aux])
 AC_CONFIG_MACRO_DIRS([m4 src/gl/m4 src/libopts/m4 lib/unistring/m4])
 AC_CANONICAL_HOST
diff --git a/m4/hooks.m4 b/m4/hooks.m4
index 1faab6465f..e1248c77f2 100644
--- a/m4/hooks.m4
+++ b/m4/hooks.m4
@@ -41,7 +41,7 @@ AC_DEFUN([LIBGNUTLS_HOOKS],
 #
 # Interfaces removed: AGE=0 (+bump all symbol versions in .map)
 AC_SUBST(LT_CURRENT, 58)
- AC_SUBST(LT_REVISION, 1)
+ AC_SUBST(LT_REVISION, 2)
 AC_SUBST(LT_AGE, 28)
 AC_SUBST(LT_SSL_CURRENT, 27)
-- 
cgit v1.2.1