summaryrefslogtreecommitdiff
path: root/NEWS
diff options
context:
space:
mode:
Diffstat (limited to 'NEWS')
-rw-r--r--NEWS4
1 files changed, 4 insertions, 0 deletions
diff --git a/NEWS b/NEWS
index b8eb702786..2894f707d9 100644
--- a/NEWS
+++ b/NEWS
@@ -45,6 +45,10 @@ See the end for copying conditions.
gnutls_x509_crt_set_serial(), will fail on input considered to be invalid
in RFC5280.
+** libgnutls: No longer enable SECP192R1 and SECP224R1 by default on TLS handshakes.
+ These curves were rarely used for that purpose and provide no advantage over
+ x25519.
+
** libgnutls: SHA1 was removed from the trusted set of hashes. Verification
and other operations relying on SHA1 is now considered insecure and will
fail, unless flags intended to enable broken algorithms are set. This