released 3.6.7

Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>

diff --git a/NEWS b/NEWS
index a2eec5b6214864f17b0af23c4077de23f2bbcc7e..76764e86542d8707a3540f4619232e57afc66eb3 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -2,37 +2,44 @@ GnuTLS NEWS -- History of user-visible changes.                -*- outline -*-
 Bug numbers referenced in this log correspond to bug numbers at our issue tracker,
 available at https://gitlab.com/gnutls/gnutls/issues
 Copyright (C) 2000-2016 Free Software Foundation, Inc.
-Copyright (C) 2013-2017 Nikos Mavrogiannopoulos
+Copyright (C) 2013-2019 Nikos Mavrogiannopoulos
 See the end for copying conditions.
 
-* Version 3.6.7 (unreleased)
+* Version 3.6.7 (released 2019-03-27)
 
 ** libgnutls, gnutls tools: Every gnutls_free() will automatically set
    the free'd pointer to NULL. This prevents possible use-after-free and
    double free issues. Use-after-free will be turned into NULL dereference.
    The counter-measure does not extend to applications using gnutls_free().
 
+** libgnutls: Fixed a memory corruption (double free) vulnerability in the
+   certificate verification API. Reported by Tavis Ormandy; addressed with
+   the change above. [GNUTLS-SA-2019-03-27, #694]
+
+** libgnutls: Fixed an invalid pointer access via malformed TLS1.3 async messages;
+   Found using tlsfuzzer. [GNUTLS-SA-2019-03-27, #704]
+
 ** libgnutls: enforce key usage limitations on certificates more actively.
    Previously we would enforce it for TLS1.2 protocol, now we enforce it
    even when TLS1.3 is negotiated, or on client certificates as well. When
    an inappropriate for TLS1.3 certificate is seen on the credentials structure
    GnuTLS will disable TLS1.3 support for that session (#690).
 
-** libgnutls: fixed issue preventing sending and receiving from different
-   threads when false start was enabled (#713).
+** libgnutls: the default number of tickets sent under TLS 1.3 was increased to
+   two. This makes it easier for clients which perform multiple connections
+   to the server to use the tickets sent by a default server.
 
 ** libgnutls: enforce the equality of the two signature parameters fields in
    a certificate. We were already enforcing the signature algorithm, but there
    was a bug in parameter checking code.
 
+** libgnutls: fixed issue preventing sending and receiving from different
+   threads when false start was enabled (#713).
+
 ** libgnutls: the flag GNUTLS_PKCS11_OBJ_FLAG_LOGIN_SO now implies a writable
    session, as non-writeable security officer sessions are undefined in PKCS#11
    (#721).
 
-** libgnutls: the default number of tickets sent under TLS 1.3 was increased to
-   two. This makes it easier for clients which perform multiple connections
-   to the server to use the tickets sent by a default server.
-
 ** libgnutls: no longer send downgrade sentinel in TLS 1.3.
    Previously the sentinel value was embedded to early in version
    negotiation and was sent even on TLS 1.3. It is now sent only when