Copyright (C) 2013-2019 Nikos Mavrogiannopoulos
See the end for copying conditions.
-* Version 3.8.9 (unreleased)
+* Version 3.8.9 (released 2025-02-07)
** libgnutls: leancrypto was added as an interim option for PQC
The library can now be built with leancrypto instead of liboqs for
MLKEM1024 is only offered as SecP384r1MLKEM1024 hybrid as per
draft-kwiatkowski-tls-ecdhe-mlkem-03.
+** libgnutls: Fix potential DoS in handling certificates with numerous name
+ constraints, as a follow-up of CVE-2024-12133 in libtasn1. The
+ bundled copy of libtasn1 has also been updated to the latest 4.20.0
+ release to complete the fix. Reported by Bing Shi (#1553).
+ [GNUTLS-SA-2025-02-07, CVSS: medium] [CVE-2024-12243]
+
** API and ABI modifications:
GNUTLS_PK_MLDSA44: New enum member of gnutls_pk_algorithm_t
GNUTLS_PK_MLDSA65: New enum member of gnutls_pk_algorithm_t
AC_PREREQ([2.71])
dnl when updating version also update LT_REVISION in m4/hooks.m4
-AC_INIT([GnuTLS],[3.8.8],[bugs@gnutls.org])
+AC_INIT([GnuTLS],[3.8.9],[bugs@gnutls.org])
AC_CONFIG_AUX_DIR([build-aux])
AC_CONFIG_MACRO_DIRS([m4 src/gl/m4 lib/unistring/m4])
AC_CANONICAL_HOST
#
# Interfaces removed: AGE=0 (+bump all symbol versions in .map)
AC_SUBST(LT_CURRENT, 70)
- AC_SUBST(LT_REVISION, 2)
+ AC_SUBST(LT_REVISION, 3)
AC_SUBST(LT_AGE, 40)
AC_SUBST(LT_SSL_CURRENT, 27)
projects / thirdparty / gnutls.git / commitdiff
