[gnutls-devel] gnutls 3.1.26

Nikos Mavrogiannopoulos nmav at gnutls.org
Sun Aug 24 10:01:58 CEST 2014

 I've just released gnutls 3.1.26. This is a bug-fix release
on the previous stable branch.

* Version 3.1.26 (released 2014-08-24)

** libgnutls: Do not call the post client hello callback twice when
resuming using session tickets.

** libgnutls: When the decoding of a printable DN element fails, then treat
it as unknown and print its hex value rather than failing. That works around
an issue in a TURKTRST root certificate which improperly encodes the
X520countryName element.

** libgnutls: initialize parameters variable on PKCS #8 decryption.

** libgnutls: gnutls_pkcs12_verify_mac() will not fail in other than SHA1

** libgnutls: when checking the hostname of a certificate with multiple CNs
ensure that the "most specific" CN is being used.

** libgnutls: In DTLS ignore only errors that relate to unexpected packets
and decryption failures.

** p11tool: will not implicitly enable so-login for certain types of
objects. That avoids issues with tokens that require different login

** p11tool: Added --so-login option to force login as security
officer (admin).

** API and ABI modifications:
No changes since last version.

Getting the Software

GnuTLS may be downloaded directly from
<ftp://ftp.gnutls.org/gcrypt/gnutls/>.  A list of GnuTLS mirrors can be
found at <http://www.gnutls.org/download.html>.

Here are the XZ and LZIP compressed sources:


Here are OpenPGP detached signatures signed using key 0x96865171:


Note that it has been signed with my openpgp key:
pub   3104R/96865171 2008-05-04 [expires: 2028-04-29]
uid                  Nikos Mavrogiannopoulos <nmav <at> gnutls.org>
uid                  Nikos Mavrogiannopoulos <n.mavrogiannopoulos <at>
sub   2048R/9013B842 2008-05-04 [expires: 2018-05-02]
sub   2048R/1404A91D 2008-05-04 [expires: 2018-05-02]


More information about the Gnutls-devel mailing list