author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2018-12-01 06:04:45 +0100
---|---|---
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2018-12-01 06:31:24 +0100
commit | 4353ea025ae032887f3e8cf5aadace25662c6b35 (patch) |
tree | 55f57bdae35d444c9390e13cdace1383532432c0 /NEWS |
parent | c9f57eac2a1cb2675da6ac1d9972609faf6c1ea0 (diff) |
download | gnutls-4353ea025ae032887f3e8cf5aadace25662c6b35.tar.gz |
released 3.4.1 (tag: gnutls_3_6_5)
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Diffstat (limited to 'NEWS')
-rw-r--r-- | NEWS | 25 |
1 files changed, 14 insertions, 11 deletions
@@ -5,10 +5,10 @@ Copyright (C) 2000-2016 Free Software Foundation, Inc. Copyright (C) 2013-2017 Nikos Mavrogiannopoulos See the end for copying conditions. -* Version 3.6.5 (unreleased) +* Version 3.6.5 (released 2018-12-01) ** libgnutls: Provide the option of transparent re-handshake/reauthentication - when the GNUTLS_AUTO_REAUTH flag is specified in gnutls_init(). + when the GNUTLS_AUTO_REAUTH flag is specified in gnutls_init() (#571). ** libgnutls: Added support for TLS 1.3 zero round-trip (0-RTT) mode (#127) @@ -18,9 +18,21 @@ See the end for copying conditions. servers which do not support TLS1.3 will negotiate TLS1.2 which will be rejected by the client as disabled (#621). +** libgnutls: Change RSA decryption to use a new side-channel silent function. + This addresses a security issue where memory access patterns as well as timing + on the underlying Nettle rsa-decrypt function could lead to new Bleichenbacher + attacks. Side-channel resistant code is slower due to the need to mask + access and timings. When used in TLS the new functions cause RSA based + handshakes to be between 13% and 28% slower on average (Numbers are indicative, + the tests where performed on a relatively modern Intel CPU, results vary + depending on the CPU and architecture used). This change makes nettle 3.4.1 + the minimum requirement of gnutls (#630). [CVSS: medium] + ** libgnutls: gnutls_priority_init() and friends, allow the CTYPE-OPENPGP keyword in the priority string. It is only accepted as legacy option and is ignored. +** libgnutls: Added support for EdDSA under PKCS#11 (#417) + ** libgnutls: Added support for AES-CFB8 cipher (#357) ** libgnutls: Added support for AES-CMAC MAC (#351) 
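Review bot: the relocated RSA decryption entry now states a dependency change ("This change makes nettle 3.4.1 the minimum requirement of gnutls (#630)") inside a security note; confirm the configure-time Nettle version check is raised to 3.4.1 in the same release and list the new minimum in the dependency/API section as well, since the note itself ties the side-channel silent path to the new Nettle function and packagers scanning only the requirements section would otherwise miss it. The entry carries "[CVSS: medium]" but no advisory or CVE identifier; add the GnuTLS advisory reference once assigned. Minor wording in the same block: "the tests where performed" should read "were performed", and "Numbers are indicative" inside the parentheses should start lower-case.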
@@ -41,15 +53,6 @@ See the end for copying conditions. ** certtool: Add parameter --no-text that prevents certtool from outputting text before PEM-encoded private key, public key, certificate, CRL or CSR. -** libgnutls: Change RSA decryption to use a new side-channel silent function. - This addresses a security issue where memory access patterns as well as timing - on the underlying Nettle rsa-decrypt function could lead to new Bleichenbacher - attacks. Side-channel resistant code is slower due to the need to mask - access and timings. When used in TLS the new functions cause RSA based - handshakes to be between 13% and 28% slower on average (Numbers are indicative, - the tests where performed on a relatively modern Intel CPU, results vary - depending on the CPU and architecture used). - ** API and ABI modifications: GNUTLS_AUTO_REAUTH: Added GNUTLS_CIPHER_AES_128_CFB8: Added |
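Review bot: the "tests where performed" typo in the block removed here is carried over unchanged into the copy inserted higher in the file (hunk at -5,10 +5,10); fix it at the new location as "were performed". A reader of this hunk alone sees a security entry disappearing from NEWS, so the commit message should say the entry was moved up and extended, not dropped.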