Hello, I've just released gnutls 3.4.13. This is a bug fix release of the current stable branch, which addresses a vulnerability for setuid programs introduced in gnutls 3.4.12 -see http://www.gnutls.org/security.html#GNUTLS-SA-2016-1
* Version 3.4.13 (released 2016-06-06) ** libgnutls: Consider the SSLKEYLOGFILE environment to be compatible with NSS instead of using a separate variable; in addition append any keys to the file instead of overwriting it. ** libgnutls: use secure_getenv() where available to obtain environment variables. Addresses GNUTLS-SA-2016-1. ** API and ABI modifications: No changes since last version. Getting the Software ==================== GnuTLS may be downloaded directly from <ftp://ftp.gnutls.org/gcrypt/gnutls/>. A list of GnuTLS mirrors can be found at <http://www.gnutls.org/download.html>. Here are the XZ compressed sources: ftp://ftp.gnutls.org/gcrypt/gnutls/v3.4/gnutls-3.4.13.tar.xz Here are OpenPGP detached signatures signed using key 0x96865171: ftp://ftp.gnutls.org/gcrypt/gnutls/v3.4/gnutls-3.4.13.tar.xz.sig Note that it has been signed with my openpgp key: pub 3104R/96865171 2008-05-04 [expires: 2028-04-29] uid Nikos Mavrogiannopoulos <nmav <at> gnutls.org> uid Nikos Mavrogiannopoulos <n.mavrogiannopoulos <at> gmail.com> sub 2048R/9013B842 2008-05-04 [expires: 2018-05-02] sub 2048R/1404A91D 2008-05-04 [expires: 2018-05-02] regards, Nikos _______________________________________________ Gnutls-help mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnutls-help
