diff options
Diffstat (limited to 'NEWS')
-rw-r--r-- | NEWS | 4 |
1 files changed, 4 insertions, 0 deletions
@@ -45,6 +45,10 @@ See the end for copying conditions. gnutls_x509_crt_set_serial(), will fail on input considered to be invalid in RFC5280. +** libgnutls: No longer enable SECP192R1 and SECP224R1 by default on TLS handshakes. + These curves were rarely used for that purpose and provide no advantage over + x25519. + ** libgnutls: SHA1 was removed from the trusted set of hashes. Verification and other operations relying on SHA1 is now considered insecure and will fail, unless flags intended to enable broken algorithms are set. This |