* Version 2.8.6 (released 2010-03-15) ** libgnutls: For CSRs, don't null pad integers for RSA/DSA value. VeriSign rejected CSRs with this padding. Reported by Wilankar Trupti <trupti.wilankar@hp.com> and Boyan Kasarov <bkasarov@gmail.com>. Note: As a side effect of this change, the "public key identifier" value computed for a certificate using this version of GnuTLS will be different from values computed using earlier versions of GnuTLS. ** libgnutls: For CSRs on DSA keys, don't add DSA parameters to the ** optional SignatureAlgorithm parameter field. VeriSign rejected these CSRs. They are stricly speaking not needed since you need the signer's certificate to verify the certificate signature anyway. Reported by Wilankar Trupti <trupti.wilankar@hp.com> and Boyan Kasarov <bkasarov@gmail.com>. ** libgnutls: When checking openpgp self signature also check the signatures ** of all subkeys. Ilari Liusvaara noticed and reported the issue and provided test vectors as well. ** libgnutls: Cleanups and several bug fixes. Found by Steve Grubb and Tomas Mraz. ** Link libgcrypt explicitly to certtool, gnutls-cli, gnutls-serv. ** Fix --disable-valgrind-tests. Reported by Ingmar Vanhassel in <https://savannah.gnu.org/support/?107029>. ** examples: Use the new APIs for printing X.509 certificate information. ** Fix build failures on Solaris. Thanks to Dagobert Michelsen <dam@opencsw.org>. ** i18n: Updated Czech, Dutch, French, Polish, Swedish and Vietnamese ** translations. Added Simplified Chinese translation. ** API and ABI modifications: No changes since last version.
Apparently it was fixed some time ago.
