We're on 3.4.7 but 3.4.11 is available. No CVE has been issued since our last upgrade though.
GnuTLS has been upgraded from 3.4.7 to 3.5.1.
CVE:s fixed since 3.4.7:
File overwrite by setuid programs
Introduced in 3.4.12, fixed in 3.4.13 - we were never affected
I've verified that the http/https detection still works, and that Firefox and Google Chrome are happy with the selected cryptos with tlstunnel on x86_64.
Mime-type property was lost on new tar-file. Added application-x/xz.
Verified commit and that Chavez is building with new libs. Tested with webadmin and webaccess with 2048 and 4096 bit keys.