added news entries

author: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2016-07-06 09:33:46 +0200
committer: Nikos Mavrogiannopoulos <nmav@gnutls.org> 2016-07-06 09:33:46 +0200
commit: 03d8ba1d3af3795b1ce3c92071f40b460f85bc98 (patch)
tree: b20a87fee81bb98e93a83c5c2e865daccba086a9
parent: d86e1dea3faa3e5bb65838956435d450bbeccb02 (diff)
download: gnutls-03d8ba1d3af3795b1ce3c92071f40b460f85bc98.tar.gz
6 files changed, 124 insertions, 50 deletions
diff --git a/index.html b/index.html
index 2192ac1973..99ff1cd655 100644
--- a/index.html
+++ b/index.html
@@ -109,6 +109,24 @@
          <script>!function(d,s,id){var js,fjs=d.getElementsByTagName(s)[0];if(!d.getElementById(id)){js=d.createElement(s);js.id=id;js.src="//platform.twitter.com/widgets.js";fjs.parentNode.insertBefore(js,fjs);}}(document,"script","twitter-wjs");</script>
 <table class="news-transparent" width="95%" summary="">
   <tr>
+<td><div class="emph-box" id="2016-07-06">2016-07-06</div></td>
+<td>
+<p>
+Released <a
+href="http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/8595">GnuTLS
+3.3.24</a>, <a
+href="http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/8593">GnuTLS
+3.4.14</a>,
+and <a href="http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/8594">GnuTLS
+3.5.2</a> which are bug fix releases in the old, current and next stable branches.
+</p>
+<p>
+Added the <a
+href="security.html#GNUTLS-SA-2016-2">GnuTLS-SA-2016-2</a> security advisory.
+</p>
+</td>
+</tr>
+<tr>
 <td><div class="emph-box" id="2016-06-14">2016-06-14</div></td>
 <td>
 <p>
@@ -142,16 +160,6 @@ href="http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/8542">Gn
 </p>
 </td>
 </tr>
-<tr>
-<td><div class="emph-box" id="2016-05-09">2016-05-09</div></td>
-<td>
-<p>
-Released <a href="http://permalink.gmane.org/gmane.network.gnutls.general/4127">GnuTLS 3.5.0</a>
-which is the first release of the new stable-next branch. An overview of the most prominent changes
-is provided <a href="http://nmav.gnutls.org/2016/05/gnutls-3-5-0.html">at Nikos' blog</a>.
-</p>
-</td>
-</tr>
 </table>
 </div>
 </td>
diff --git a/news-entries/2016-07-06.xml b/news-entries/2016-07-06.xml
new file mode 100644
index 0000000000..99cb194cb9
--- /dev/null
+++ b/news-entries/2016-07-06.xml
@@ -0,0 +1,14 @@
+<title>GnuTLS 3.5.2</title>
+<p>
+Released <a
+href="http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/8595">GnuTLS
+3.3.24</a>, <a
+href="http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/8593">GnuTLS
+3.4.14</a>,
+and <a href="http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/8594">GnuTLS
+3.5.2</a> which are bug fix releases in the old, current and next stable branches.
+</p>
+<p>
+Added the <a
+href="security.html#GNUTLS-SA-2016-2">GnuTLS-SA-2016-2</a> security advisory.
+</p>
diff --git a/news.atom b/news.atom
index 3927c73b42..7ddbc49cdf 100644
--- a/news.atom
+++ b/news.atom
@@ -3,7 +3,36 @@
 <id>http://www.gnutls.org/news.atom</id>
 <link href="http://www.gnutls.org/news.atom" rel="self"/> 
 <title>GnuTLS - News</title>
-<updated>2016-06-14T16:47:34+00:00</updated>
+<updated>2016-07-06T09:32:43+00:00</updated>
+
+  <entry>
+    <id>http://www.gnutls.org/news.html#2016-07-06</id>
+    <link rel='alternate' href='http://www.gnutls.org/news.html#2016-07-06'/>
+    <title>GnuTLS 3.5.2</title>
+    <updated>2016-07-06T00:00:00+00:00</updated>
+    <author>
+      <name>Nikos Mavrogiannopoulos</name>
+      <email>nmav@gnutls.org</email>
+    </author>
+    <content type='xhtml' xml:base='http://www.gnutls.org/news-entries/2016-07-06.xml'><div xmlns='http://www.w3.org/1999/xhtml'>
+
+<p>
+Released <a
+href="http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/8595">GnuTLS
+3.3.24</a>, <a
+href="http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/8593">GnuTLS
+3.4.14</a>,
+and <a href="http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/8594">GnuTLS
+3.5.2</a> which are bug fix releases in the old, current and next stable branches.
+</p>
+<p>
+Added the <a
+href="security.html#GNUTLS-SA-2016-2">GnuTLS-SA-2016-2</a> security advisory.
+</p>
+
+    </div>
+    </content>
+  </entry>
 
   <entry>
     <id>http://www.gnutls.org/news.html#2016-06-14</id>
@@ -417,31 +446,4 @@ href="http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/8189">Gn
     </div>
     </content>
   </entry>
-
-  <entry>
-    <id>http://www.gnutls.org/news.html#2015-05-03</id>
-    <link rel='alternate' href='http://www.gnutls.org/news.html#2015-05-03'/>
-    <title>GnuTLS 3.4.1</title>
-    <updated>2015-05-03T00:00:00+00:00</updated>
-    <author>
-      <name>Nikos Mavrogiannopoulos</name>
-      <email>nmav@gnutls.org</email>
-    </author>
-    <content type='xhtml' xml:base='http://www.gnutls.org/news-entries/2015-05-03.xml'><div xmlns='http://www.w3.org/1999/xhtml'>
-
-<p>
-Released <a
-href="http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/8137">GnuTLS
-3.3.15</a> and <a
-href="http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/8138">GnuTLS
-3.4.1</a> which are bug fix releases in the current and next stable branches.
-</p>
-<p>
-Added <a
-href="security.html#GNUTLS-SA-2015-2">GnuTLS-SA-2015-2</a> security advisory.
-</p>
-
-    </div>
-    </content>
-  </entry>
 </feed>
diff --git a/news.html b/news.html
index 1826688fea..81744ad5fa 100644
--- a/news.html
+++ b/news.html
@@ -69,6 +69,24 @@ The project news are also available via an <a href="http://www.gnutls.org/news.a
   <table class="news" width="90%" summary="">
 <tr><th>Date</th><th>Comment</th></tr>
   <tr>
+<td><div class="emph-box" id="2016-07-06">2016-07-06</div></td>
+<td>
+<p>
+Released <a
+href="http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/8595">GnuTLS
+3.3.24</a>, <a
+href="http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/8593">GnuTLS
+3.4.14</a>,
+and <a href="http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/8594">GnuTLS
+3.5.2</a> which are bug fix releases in the old, current and next stable branches.
+</p>
+<p>
+Added the <a
+href="security.html#GNUTLS-SA-2016-2">GnuTLS-SA-2016-2</a> security advisory.
+</p>
+</td>
+</tr>
+<tr>
 <td><div class="emph-box" id="2016-06-14">2016-06-14</div></td>
 <td>
 <p>
@@ -213,18 +231,6 @@ tracker report for the main library</a>.
 </p>
 </td>
 </tr>
-<tr>
-<td><div class="emph-box" id="2015-09-12">2015-09-12</div></td>
-<td>
-<p>
-Released <a
-href="http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/8303">GnuTLS
-3.3.18</a> and <a
-href="http://permalink.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/8304">GnuTLS
-3.4.5</a> which are bug fix releases in the current and next stable branches.
-</p>
-</td>
-</tr>
 </table>
 <p>See also the
 the <a href="https://gitlab.com/gnutls/gnutls/blob/master/NEWS">live NEWS file</a>
diff --git a/security-entries/GNUTLS-SA-2016-2 b/security-entries/GNUTLS-SA-2016-2
new file mode 100644
index 0000000000..0e84fe13ee
--- /dev/null
+++ b/security-entries/GNUTLS-SA-2016-2
@@ -0,0 +1,22 @@
+    <td><!--<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1959">
+	CVE-2014-1959</a>-->
+      </td>
+    <td>Certificate verification issue</td>
+    <td><p>We discoverd a vulnerability that affects certificate verification
+when GnuTLS is used in combination with the p11-kit trust module.
+That issue affects gnutls 3.3.23, 3.4.12 and later versions.
+</p>
+
+<p>
+<b>Who is affected by this vulnerability?</b>
+<ul>
+<li>GnuTLS installations which are configured to utilize the p11-kit trust store (i.e., when compiled with --with-default-trust-store-pkcs11).</li>
+</ul>
+</p><p>
+<b>How to mitigate the vulnerability?</b>
+<ul>
+<li>Disable the trust store verification or upgrade to GnuTLS 3.3.24, 3.4.14 and later versions.</li>
+</ul>
+
+</p>
+
diff --git a/security.html b/security.html
index abb54587a6..9c612a102a 100644
--- a/security.html
+++ b/security.html
@@ -79,6 +79,28 @@
   <table class="news" width="90%" summary="">
 <tr><th>Tag</th><th>Other identifiers</th><th>Severity</th><th>Information</th>
 <tr>
+<td><div class="emph-box" id="GNUTLS-SA-2016-2">GNUTLS-SA-2016-2</div></td>
+    <td><!--<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1959">
+	CVE-2014-1959</a>-->
+      </td>
+    <td>Certificate verification issue</td>
+    <td><p>We discoverd a vulnerability that affects certificate verification
+when GnuTLS is used in combination with the p11-kit trust module.
+That issue affects gnutls 3.3.23, 3.4.12 and later versions.
+</p>
+<p>
+<b>Who is affected by this vulnerability?</b>
+<ul>
+<li>GnuTLS installations which are configured to utilize the p11-kit trust store (i.e., when compiled with --with-default-trust-store-pkcs11).</li>
+</ul>
+</p><p>
+<b>How to mitigate the vulnerability?</b>
+<ul>
+<li>Disable the trust store verification or upgrade to GnuTLS 3.3.24, 3.4.14 and later versions.</li>
+</ul>
+</p>
+</tr>
+<tr>
 <td><div class="emph-box" id="GNUTLS-SA-2016-1">GNUTLS-SA-2016-1</div></td>
     <td><a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4456">CVE-2016-4456</a></td>
     <td>File overwrite by setuid programs</td>
author	Nikos Mavrogiannopoulos <nmav@gnutls.org>	2016-07-06 09:33:46 +0200
committer	Nikos Mavrogiannopoulos <nmav@gnutls.org>	2016-07-06 09:33:46 +0200
commit	03d8ba1d3af3795b1ce3c92071f40b460f85bc98 (patch)
tree	b20a87fee81bb98e93a83c5c2e865daccba086a9
parent	d86e1dea3faa3e5bb65838956435d450bbeccb02 (diff)
download	gnutls-03d8ba1d3af3795b1ce3c92071f40b460f85bc98.tar.gz