[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
gnutls 3.1.2
From: |
Nikos Mavrogiannopoulos |
Subject: |
gnutls 3.1.2 |
Date: |
Wed, 26 Sep 2012 20:54:28 +0200 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:10.0.6esrpre) Gecko/20120805 Icedove/10.0.6 |
Hello,
I've just released gnutls 3.1.2. This release includes feature
updates, notably support for the DTLS heartbeat message, and bug fixes
in the current stable branch.
* Version 3.1.2 (released 2012-09-26)
** libgnutls: Fixed bug in gnutls_x509_trust_list_add_system_trust()
and gnutls_x509_trust_list_add_trust_mem() that prevented the loading
of certificates in the windows platform.
** libgnutls: Corrected bug in OpenPGP subpacket encoding.
** libgnutls: Added support for DTLS/TLS heartbeats by Olga Smolenchuk.
(the work was done during Google Summer of Code).
** libgnutls: Added X.509 certificate verification flag
GNUTLS_VERIFY_ALLOW_UNSORTED_CHAIN. This flag allows the verification
of unsorted certificate chains and is enabled by default for
TLS certificate verification (if gnutls_certificate_set_verify_flags()
does not override it).
** libgnutls: Prints warning on certificates that contain keys of
an insecure level. If the %COMPAT priority flag is not specified
the TLS connection fails.
** libgnutls: Correctly restore gnutls_record_recv() in DTLS mode
if interrupted during the retrasmition of handshake data.
** libgnutls: Better mingw32 support (patch by LRN).
** libgnutls: The %COMPAT keyword, if specified, will tolerate
key usage violation errors (they are far too common to ignore).
** libgnutls: Added GNUTLS_STATELESS_COMPRESSION flag to gnutls_init(),
which provides a tool to counter compression-related attacks where
parts of the data are controlled by the attacker _and_ are placed in
separate records (use with care - do not use compression if not sure).
** libgnutls: Depends on libtasn1 2.14 or later.
** certtool: Prints the number of bits of the public key algorithm
parameter in a private key.
** API and ABI modifications:
gnutls_x509_privkey_get_pk_algorithm2: Added
gnutls_heartbeat_ping: Added
gnutls_heartbeat_pong: Added
gnutls_heartbeat_allowed: Added
gnutls_heartbeat_enable: Added
gnutls_heartbeat_set_timeouts: Added
gnutls_heartbeat_get_timeout: Added
GNUTLS_SEC_PARAM_WEAK: Added
GNUTLS_SEC_PARAM_INSECURE: Added
Getting the Software
====================
GnuTLS may be downloaded from one of the GNU mirror sites or directly
>From <ftp://ftp.gnu.org/gnu/gnutls/>. The list of GNU mirrors can be
found at <http://www.gnu.org/prep/ftp.html> and a list of GnuTLS mirrors
can be found at <http://www.gnu.org/software/gnutls/download.html>.
Here are the XZ compressed sources:
ftp://ftp.gnu.org/gnu/gnutls/gnutls-3.1.2.tar.xz
http://ftp.gnu.org/gnu/gnutls/gnutls-3.1.2.tar.xz
Here are the LZIP compressed sources:
ftp://ftp.gnu.org/gnu/gnutls/gnutls-3.1.2.tar.lz
http://ftp.gnu.org/gnu/gnutls/gnutls-3.1.2.tar.lz
Here are OpenPGP detached signatures signed using key 0x96865171:
ftp://ftp.gnu.org/gnu/gnutls/gnutls-3.1.2.tar.xz.sig
http://ftp.gnu.org/gnu/gnutls/gnutls-3.1.2.tar.xz.sig
ftp://ftp.gnu.org/gnu/gnutls/gnutls-3.1.2.tar.lz.sig
http://ftp.gnu.org/gnu/gnutls/gnutls-3.1.2.tar.lz.sig
Note that it has been signed with my openpgp key:
pub 3104R/96865171 2008-05-04 [expires: 2028-04-29]
uid Nikos Mavrogiannopoulos <nmav <at> gnutls.org>
uid Nikos Mavrogiannopoulos <n.mavrogiannopoulos <at>
gmail.com>
sub 2048R/9013B842 2008-05-04 [expires: 2018-05-02]
sub 2048R/1404A91D 2008-05-04 [expires: 2018-05-02]
regards,
Nikos
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- gnutls 3.1.2,
Nikos Mavrogiannopoulos <=