Hello, I've just released gnutls 3.1.2. This release includes feature updates, notably support for the DTLS heartbeat message, and bug fixes in the current stable branch.
* Version 3.1.2 (released 2012-09-26) ** libgnutls: Fixed bug in gnutls_x509_trust_list_add_system_trust() and gnutls_x509_trust_list_add_trust_mem() that prevented the loading of certificates in the windows platform. ** libgnutls: Corrected bug in OpenPGP subpacket encoding. ** libgnutls: Added support for DTLS/TLS heartbeats by Olga Smolenchuk. (the work was done during Google Summer of Code). ** libgnutls: Added X.509 certificate verification flag GNUTLS_VERIFY_ALLOW_UNSORTED_CHAIN. This flag allows the verification of unsorted certificate chains and is enabled by default for TLS certificate verification (if gnutls_certificate_set_verify_flags() does not override it). ** libgnutls: Prints warning on certificates that contain keys of an insecure level. If the %COMPAT priority flag is not specified the TLS connection fails. ** libgnutls: Correctly restore gnutls_record_recv() in DTLS mode if interrupted during the retrasmition of handshake data. ** libgnutls: Better mingw32 support (patch by LRN). ** libgnutls: The %COMPAT keyword, if specified, will tolerate key usage violation errors (they are far too common to ignore). ** libgnutls: Added GNUTLS_STATELESS_COMPRESSION flag to gnutls_init(), which provides a tool to counter compression-related attacks where parts of the data are controlled by the attacker _and_ are placed in separate records (use with care - do not use compression if not sure). ** libgnutls: Depends on libtasn1 2.14 or later. ** certtool: Prints the number of bits of the public key algorithm parameter in a private key. ** API and ABI modifications: gnutls_x509_privkey_get_pk_algorithm2: Added gnutls_heartbeat_ping: Added gnutls_heartbeat_pong: Added gnutls_heartbeat_allowed: Added gnutls_heartbeat_enable: Added gnutls_heartbeat_set_timeouts: Added gnutls_heartbeat_get_timeout: Added GNUTLS_SEC_PARAM_WEAK: Added GNUTLS_SEC_PARAM_INSECURE: Added Getting the Software ==================== GnuTLS may be downloaded from one of the GNU mirror sites or directly >From <ftp://ftp.gnu.org/gnu/gnutls/>. The list of GNU mirrors can be found at <http://www.gnu.org/prep/ftp.html> and a list of GnuTLS mirrors can be found at <http://www.gnu.org/software/gnutls/download.html>. Here are the XZ compressed sources: ftp://ftp.gnu.org/gnu/gnutls/gnutls-3.1.2.tar.xz http://ftp.gnu.org/gnu/gnutls/gnutls-3.1.2.tar.xz Here are the LZIP compressed sources: ftp://ftp.gnu.org/gnu/gnutls/gnutls-3.1.2.tar.lz http://ftp.gnu.org/gnu/gnutls/gnutls-3.1.2.tar.lz Here are OpenPGP detached signatures signed using key 0x96865171: ftp://ftp.gnu.org/gnu/gnutls/gnutls-3.1.2.tar.xz.sig http://ftp.gnu.org/gnu/gnutls/gnutls-3.1.2.tar.xz.sig ftp://ftp.gnu.org/gnu/gnutls/gnutls-3.1.2.tar.lz.sig http://ftp.gnu.org/gnu/gnutls/gnutls-3.1.2.tar.lz.sig Note that it has been signed with my openpgp key: pub 3104R/96865171 2008-05-04 [expires: 2028-04-29] uid Nikos Mavrogiannopoulos <nmav <at> gnutls.org> uid Nikos Mavrogiannopoulos <n.mavrogiannopoulos <at> gmail.com> sub 2048R/9013B842 2008-05-04 [expires: 2018-05-02] sub 2048R/1404A91D 2008-05-04 [expires: 2018-05-02] regards, Nikos _______________________________________________ GNU Announcement mailing list <info-gnu@gnu.org> https://lists.gnu.org/mailman/listinfo/info-gnu
