[gnutls-devel] gnutls 3.3.13

Nikos Mavrogiannopoulos nmav at gnutls.org
Wed Feb 25 22:57:46 CET 2015

 I've just released gnutls 3.3.13. This is a bug-fix release on
the current stable branch. Among other issues it adds a certificate
algorithm consistency check in X.509 certificates. That's is a low
severity issue affecting all previous versions, and although there
no known attacks, it is recommended to upgrade to this version.

* Version 3.3.13 (released 2015-02-25)

** libgnutls: Enable AESNI in GCM on x86

** libgnutls: Fixes in DTLS message handling

** libgnutls: Check certificate algorithm consistency, i.e.,
check whether the signatureAlgorithm field matches the signature
field inside TBSCertificate.

** gnutls-cli: Fixes in OCSP verification.

** API and ABI modifications:
No changes since last version.

Getting the Software

GnuTLS may be downloaded directly from
<ftp://ftp.gnutls.org/gcrypt/gnutls/>.  A list of GnuTLS mirrors can be
found at <http://www.gnutls.org/download.html>.

Here are the XZ and LZIP compressed sources:


Here are OpenPGP detached signatures signed using key 0x96865171:


Note that it has been signed with my openpgp key:
pub   3104R/96865171 2008-05-04 [expires: 2028-04-29]
uid                  Nikos Mavrogiannopoulos <nmav <at> gnutls.org>
uid                  Nikos Mavrogiannopoulos <n.mavrogiannopoulos <at>
sub   2048R/9013B842 2008-05-04 [expires: 2018-05-02]
sub   2048R/1404A91D 2008-05-04 [expires: 2018-05-02]


More information about the Gnutls-devel mailing list