[gnutls-devel] gnutls 3.6.13
Development of GNU's TLS library
gnutls-devel at lists.gnutls.org
Tue Mar 31 07:55:02 CEST 2020
Hello,
I've just released gnutls 3.6.13. This is a security and bug fix release on the
stable 3.6.x branch.
I'd like to thank everyone who contributed in this release:
Daiki Ueno, Dmitry Baryshkov, Tim Rühsen, Anderson Toshiyuki Sasaki,
Jakub Jelen, Daniel Lenski, Ander Juaristi, Dimitri John Ledkov,
Fiona Klute, Michael Catanzaro, Ross Nicholson, and Stefan Bühler.
The detailed list of changes follows; they can be seen in more detail
in our milestone tracker:
https://gitlab.com/gnutls/gnutls/-/milestones/27
* Version 3.6.13 (released 2020-03-31)
** libgnutls: Fix a DTLS-protocol regression (caused by TLS1.3
support), since 3.6.3.
The DTLS client would not contribute any randomness to the DTLS negotiation,
breaking the security guarantees of the DTLS protocol (#960)
[GNUTLS-SA-2020-03-31, CVSS: high]
** libgnutls: Added new APIs to access KDF algorithms (#813).
** libgnutls: Added new callback gnutls_keylog_func that enables a custom
logging functionality.
** libgnutls: Added support for non-null terminated usernames in PSK
negotiation (#586).
** gnutls-cli-debug: Improved support for old servers that only support
SSL 3.0.
** API and ABI modifications:
gnutls_hkdf_extract: Added
gnutls_hkdf_expand: Added
gnutls_pbkdf2: Added
gnutls_session_get_keylog_function: Added
gnutls_session_set_keylog_function: Added
gnutls_prf_hash_get: Added
gnutls_psk_server_get_username2: Added
gnutls_psk_set_client_credentials2: Added
gnutls_psk_set_client_credentials_function2: Added
gnutls_psk_set_server_credentials_function2: Added
Getting the Software
====================
GnuTLS may be downloaded directly from <
ftp://ftp.gnutls.org/gcrypt/gnutls/>;.
A list of GnuTLS mirrors can be found at <
http://www.gnutls.org/download.html>
Here are the XZ compressed sources:
https://www.gnupg.org/ftp/gcrypt/gnutls/v3.6/gnutls-3.6.13.tar.xz
Here are OpenPGP detached signatures signed using key 0x96865171:
https://www.gnupg.org/ftp/gcrypt/gnutls/v3.6/gnutls-3.6.13.tar.xz.sig
Note that it has been signed with my openpgp key:
pub 3104R/96865171 2008-05-04 [expires: 2028-04-29]
uid Nikos Mavrogiannopoulos <nmav <at> gnutls.org>
uid Nikos Mavrogiannopoulos <n.mavrogiannopoulos <at>
gmail.com>
sub 2048R/9013B842 2008-05-04 [expires: 2018-05-02]
sub 2048R/1404A91D 2008-05-04 [expires: 2018-05-02]
regards,
Nikos
More information about the Gnutls-devel
mailing list