- Updated to 3.4.11
  * Version 3.4.11 (released 2016-04-11)
  ** libgnutls: Fixes in gnutls_record_get/set_state() with DTLS. 
     Reported by Fridolin Pokorny.
  ** libgnutls: Fixes in DSA key generation under PKCS #11. Report and
     patches by Jan Vcelak.
  ** libgnutls: Corrected behavior of ALPN extension parsing during
     session resumption. Report and patches by Yuriy M. Kaminskiy.
  ** libgnutls: Corrected regression (since 3.4.0) in 
     gnutls_server_name_set() which caused it not to accept non-null-
     terminated hostnames. Reported by Tim Ruehsen.
  ** libgnutls: Corrected printing of the IP Adress name constraints.
  ** ocsptool: use HTTP/1.0 for requests. This avoids issue with servers
     serving chunk encoding which ocsptool doesn't support. Reported by
     Thomas Klute.
  ** certtool: do not require a CA for OCSP signing tag. This follows the
     recommendations in RFC6960 in 4.2.2.2 which allow a CA to delegate
     OCSP signing to another certificate without requiring it to be a CA.
     Reported by Thomas Klute.
  * Version 3.4.10 (released 2016-03-03)
  ** libgnutls: Eliminated issues preventing buffers more than 2^32 bytes
     to be used with hashing functions.
  ** libgnutls: Corrected leaks and other issues in
     gnutls_x509_crt_list_import().
  ** libgnutls: Fixes in DSA key handling for PKCS #11. Report and 
     patches by Jan Vcelak.
  ** libgnutls: Several fixes to prevent relying on undefined behavior
     of C (found with libubsan).
  * Version 3.4.9 (released 2016-02-03)
  ** libgnutls: Corrected ALPN protocol negotiation. Before GnuTLS would

• Files Changed
• Browse Source