NEWS: doc update

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

1 files changed, 14 insertions, 1 deletions

diff --git a/NEWS b/NEWS
index 36369bb0ae..a9a0217494 100644
--- a/NEWS
+++ b/NEWS
@@ -18,7 +18,14 @@ See the end for copying conditions.
    512 bit addition)
 
 ** libgnutls: Apply STD3 ASCII rules in gnutls_idna_map() to prevent
-   hostname/domain crafting via IDNA conversion
+   hostname/domain crafting via IDNA conversion (#720)
+
+** libgnutls: During Diffie-Hellman operations in TLS, verify that the peer's
+   public key is on the right subgroup (y^q=1 mod p), when q is available (under
+   TLS 1.3 and under earlier versions when RFC7919 parameters are used).
+
+** libgnutls: Fixed bug preventing the use of gnutls_pubkey_verify_data2() and
+   gnutls_pubkey_verify_hash2() with the GNUTLS_VERIFY_DISABLE_CA_SIGN flag (#754)
 
 ** libgnutls: The priority string option %ALLOW_SMALL_RECORDS was added to allow
    clients to communicate with the server advertising smaller limits than 512
@@ -26,6 +33,12 @@ See the end for copying conditions.
 ** API and ABI modifications:
 gnutls_prf_early: Added
 gnutls_record_set_max_recv_size: Added
+gnutls_dh_params_import_raw3: Added
+gnutls_ffdhe_2048_group_q: Added
+gnutls_ffdhe_3072_group_q: Added
+gnutls_ffdhe_4096_group_q: Added
+gnutls_ffdhe_6144_group_q: Added
+gnutls_ffdhe_8192_group_q: Added
 
 
 * Version 3.6.7 (released 2019-03-27)