Noteworthy changes in release 4.11 (released 2017-05-27) [stable]

• Introduced the ASN1_TIME_ENCODING_ERROR error code to indicate an invalid encoding in the DER time fields.
• Introduced flag ASN1_DECODE_FLAG_ALLOW_INCORRECT_TIME. This flag allows decoding errors in time fields even when in strict DER mode. That is introduced in order to allow toleration of invalid times in X.509 certificates (which are common) even though strict DER adherence is enforced in other fields.
• Added safety check in asn1_find_node(). That prevents a crash when a very long variable name is provided by the developer. Note that this to be exploited requires controlling the ASN.1 definitions used by the developer, i.e., the 'name' parameter of asn1_write_value() or asn1_read_value(). The library is not designed to protect against malicious manipulation of the developer assigned variable names. Reported by Jakub Jirasek.

Noteworthy changes in release 4.10 (released 2017-01-16) [stable]

• Updated gnulib
• Removed -Werror from default compiler flags
• Fixed undefined behavior when negating integers in _asn1_ltostr(). Issue found by oss-fuzz project (via gnutls): https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=388
• Pass the correct length to _asn1_get_indefinite_length_string in asn1_get_length_ber. This addresses reading 1-byte past the end of data. Issue found by oss-fuzz project (via gnutls): https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=330 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=331