GnuTLS 2.11.6

Simon Josefsson simon at
Tue Dec 7 13:11:44 CET 2010


The GnuTLS 2.11.x branch is NOT what you want for your stable system.
It is intended for developers and experienced users.

This is major update release that includes features such as PKCS #11
support for cryptographic objects, a PKCS #11 token manipulation tool
(p11tool), support for local system thread locks, new message buffering
layer, support for nettle library and more.

Unless there are issues, this version contains the final version of the
PKCS #11 support for 2.12.x. It has been mostly tested with OpenSC and
Feitian smart cards, but I'd appreciate if you can test it with other
tokens and PKCS11 modules you may have.

Here are the compressed sources:

Here is the OpenPGP signature:

Happy hacking,

PS.  Accidentally I overwrote the 2.11.5 release on the FTP servers when
doing this release, I'll try to revert the old files.

* Version 2.11.6 (released 2010-12-06)

** libgnutls: Record version of Client Hellos is now set by default to
SSL 3.0. To restore the previous default behavior use %LATEST_RECORD_VERSION
priority string.

** libgnutls: Use ASN1_NULL when writing parameters for RSA signatures. 
This makes us comply with RFC3279. Reported by Michael Rommel.

** gnutls-serv: Corrected a buffer overflow. Reported and patch by Tomas Mraz.

** API and ABI modifications:
No changes since last version.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 424 bytes
Desc: not available
URL: </pipermail/attachments/20101207/346f1358/attachment.pgp>

More information about the Gnutls-devel mailing list