NEWS: add an entry for allowlisting-relaxing functions restriction

author Alexander Sosedkin <asosedkin@redhat.com>

Wed, 21 Sep 2022 12:26:55 +0000 (14:26 +0200)

committer Alexander Sosedkin <asosedkin@redhat.com>

Tue, 27 Sep 2022 11:00:47 +0000 (13:00 +0200)
author Alexander Sosedkin <asosedkin@redhat.com>
Wed, 21 Sep 2022 12:26:55 +0000 (14:26 +0200)
committer Alexander Sosedkin <asosedkin@redhat.com>
Tue, 27 Sep 2022 11:00:47 +0000 (13:00 +0200)
diff --git a/NEWS b/NEWS

index 45955558296dd204fffe010c09f66575c7d80cd8..49a9686c4db86ab4899f8d2c658223be94ea25f7 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -19,6 +19,16 @@ See the end for copying conditions.
     master secret extension is negotiated). Otherwise the function now
     returns error.
  
+** libgnutls: usage the following functions, designed to loosen restrictions
+   imposed by allowlisting mode of configuration,
+   has been additionally restricted;
+   invoking them is now only allowed if system-wide TLS priority string
+   has not been initialized yet:
+gnutls_digest_set_secure
+gnutls_sign_set_secure
+gnutls_sign_set_secure_for_certs
+gnutls_protocol_set_enabled
+
  * Version 3.7.7 (released 2022-07-28)
  
  ** libgnutls: Fixed double free during verification of pkcs7 signatures.
author	Alexander Sosedkin <asosedkin@redhat.com>
	Wed, 21 Sep 2022 12:26:55 +0000 (14:26 +0200)
committer	Alexander Sosedkin <asosedkin@redhat.com>
	Tue, 27 Sep 2022 11:00:47 +0000 (13:00 +0200)