Release of GnuTLS 3.6.10

Release of GnuTLS 3.6.10 incorporating TLS1.3 related fixes and stability fixes. This is a stable release, and any potential new features must not be enabled by default to create a stable ABI (i.e., they can still be added but must be explicitly enabled by the application if applicable).

See our release policy for more information

Some issues can’t be shown in the burndown chart, as they were closed on an older GitLab version before data was recorded. About burndown charts

Unstarted Issues (open and unassigned)

Ongoing Issues (open and assigned)

Completed Issues (closed)

certtool --generate-privkey leaks private key by default
#840 3_6_x
gnutls-serv and gnutls-client fail with "Detected downgrade to TLS 1.2 from TLS 1.3"
#837
gnutls_certificate_set_ocsp_status_request_file2: wrong success return value documentaion
#836
nettle 3.5 issues/warnings
#835
gnutls_record_send() fails with GNUTLS_E_INVALID_REQUEST
#823 3_6_x
wrong text relocations on i386 due to non-PIC assembly
#818 3_6_x
gcc 4.8: does not contain __get_cpuid_count()
#812 3_6_x
Connection problems with older servers (record packet with invalid length was received)
#811 3_6_x
gnutls 3.6.9 fails to build: WARNING: 'autogen' is missing on your system.
#810 3_6_x
Minor inaccuracy in gnutls_record_send() documentation?
#806 3_6_x
fuzzying: enable raw public keys
#687 3_6_x
optional: Support for deterministic ECDSA
#94 tls1.3 additional features 3_6_x