[gnutls-devel] gnutls 3.1.8

Nikos Mavrogiannopoulos nmav at gnutls.org
Sun Feb 10 12:57:43 CET 2013


Hello,
 I've just released gnutls 3.1.8. This is bug fix release on the current
stable branch. GnuTLS 3.1.7 inadvertently increased the security level
of the priority string NORMAL. This release restores it to the levels of
GnuTLS 3.1.6.


* Version 3.1.8 (released 2013-02-10)

** libgnutls: Fixed issue in gnutls_x509_privkey_import2() which didn't
return GNUTLS_E_DECRYPTION_FAILED in all cases, and affect certtool
operation with encrypted keys. Reported by Yan Fiz.

** libgnutls: The minimum DH bits accepted by priorities NORMAL and
PERFORMANCE was set to previous defaults 727 bits. Reported by Diego
Elio Petteno.

** libgnutls: Corrected issue which prevented
gnutls_pubkey_verify_hash() to operate with long keys. Reported by Erik
A Jensen.

** API and ABI modifications:
No changes since last version.


Getting the Software
====================

GnuTLS may be downloaded directly from
<ftp://ftp.gnutls.org/gcrypt/gnutls/>.  A list of GnuTLS mirrors can be
found at <http://www.gnutls.org/download.html>.

Here are the XZ and LZIP compressed sources:

  ftp://ftp.gnutls.org/gcrypt/gnutls/v3.1/gnutls-3.1.8.tar.xz
  ftp://ftp.gnutls.org/gcrypt/gnutls/v3.1/gnutls-3.1.8.tar.lz

Here are OpenPGP detached signatures signed using key 0x96865171:

  ftp://ftp.gnutls.org/gcrypt/gnutls/v3.1/gnutls-3.1.8.tar.xz.sig
  ftp://ftp.gnutls.org/gcrypt/gnutls/v3.1/gnutls-3.1.8.tar.lz.sig

Note that it has been signed with my openpgp key:
pub   3104R/96865171 2008-05-04 [expires: 2028-04-29]
uid                  Nikos Mavrogiannopoulos <nmav <at> gnutls.org>
uid                  Nikos Mavrogiannopoulos <n.mavrogiannopoulos <at>
gmail.com>
sub   2048R/9013B842 2008-05-04 [expires: 2018-05-02]
sub   2048R/1404A91D 2008-05-04 [expires: 2018-05-02]

regards,
Nikos



More information about the Gnutls-devel mailing list