doc update

author Nikos Mavrogiannopoulos <nmav@redhat.com>

Tue, 8 Dec 2015 09:59:02 +0000 (10:59 +0100)

committer Nikos Mavrogiannopoulos <nmav@redhat.com>

Tue, 8 Dec 2015 09:59:02 +0000 (10:59 +0100)
author Nikos Mavrogiannopoulos <nmav@redhat.com>
Tue, 8 Dec 2015 09:59:02 +0000 (10:59 +0100)
committer Nikos Mavrogiannopoulos <nmav@redhat.com>
Tue, 8 Dec 2015 09:59:02 +0000 (10:59 +0100)
diff --git a/NEWS b/NEWS

index c9acdfdf25af11bfdda6025f28e229f4f781eeee..d507481da175fd940a2d0a31a4700576a82b17eb 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -16,6 +16,11 @@ See the end for copying conditions.
     parsing errors in the extensions field and treat it as a typical Hello
     message structure. Reported by Hubert Kario (#40)
  
+** libgnutls: On a rehandshake ensure that the certificate of the peer (if
+   available) is the same as in previous handshakes. That is to protect
+   applications which do not check user credentials on rehandshakes from
+   attacks related to unsafe renegotiation.
+
  ** certtool: Added the --provable option.
  
  ** API and ABI modifications:
author	Nikos Mavrogiannopoulos <nmav@redhat.com>
	Tue, 8 Dec 2015 09:59:02 +0000 (10:59 +0100)
committer	Nikos Mavrogiannopoulos <nmav@redhat.com>
	Tue, 8 Dec 2015 09:59:02 +0000 (10:59 +0100)