From: Simon Josefsson Date: Wed, 11 Feb 2009 16:34:41 +0000 (+0100) Subject: Fix. X-Git-Tag: gnutls_2_7_6~25 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=2fa0f47ef2a3e9a3e1494dd5b6684df327c398c0;p=thirdparty%2Fgnutls.git Fix. --- diff --git a/NEWS b/NEWS index df317673dd..7c3e603014 100644 --- a/NEWS +++ b/NEWS @@ -5,17 +5,17 @@ See the end for copying conditions. * Version 2.7.6 (unreleased) -** gnutls-cli: Certificate information output changed. -The tool now uses libgnutls' functions to print certificate -information. This avoids code duplication. - -** gnutls-cli: No longer accepts V1 CAs by default. +** gnutls-cli: No longer accepts V1 CAs by default during X.509 chain verify. Use --priority NORMAL:%VERIFY_ALLOW_X509_V1_CA_CRT to permit V1 CAs to be used for chain verification. ** gnutls-serv: No longer disable MAC padding by default. Use --priority NORMAL:%COMPAT to disable MAC padding again. +** gnutls-cli: Certificate information output format changed. +The tool now uses libgnutls' functions to print certificate +information. This avoids code duplication. + ** libgnutls: New priority strings %VERIFY_ALLOW_SIGN_RSA_MD5 ** and %VERIFY_ALLOW_X509_V1_CA_CRT. They can be used to override the default certificate chain validation