From eda8dce3afa66e2dfa07fce7917659595a59afb8 Mon Sep 17 00:00:00 2001
From: Nikos Mavrogiannopoulos <nmav@gnutls.org>
Date: Tue, 18 Sep 2012 21:48:34 +0200
Subject: [PATCH] updated

---
 NEWS | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/NEWS b/NEWS
index 6532f049c..77ca5902d 100644
--- a/NEWS
+++ b/NEWS
@@ -7,9 +7,16 @@ See the end for copying conditions.
 ** libgnutls: The %COMPAT keyword, if specified, will tolerate
 key usage violation errors (they are far too common to ignore).
 
+** libgnutls: Added X.509 certificate verification flag 
+GNUTLS_VERIFY_ALLOW_UNSORTED_CHAIN. This flag allows the verification
+of unsorted certificate chains and is enabled by default for
+TLS certificate verification (if gnutls_certificate_set_verify_flags() 
+does not override it).
+
 ** libgnutls: Added GNUTLS_STATELESS_COMPRESSION flag to gnutls_init(),
 which provides a tool to counter compression-related attacks where
-parts of the data are controlled by the attacker.
+parts of the data are controlled by the attacker _and_ placed in
+separate records (use with care - do not use compression if not sure).
 
 ** libgnutls: Depends on libtasn1 2.14 or later.
 
-- 
2.11.4.GIT