diff -Nru gnutls26-2.12.14/debian/changelog gnutls26-2.12.14/debian/changelog --- gnutls26-2.12.14/debian/changelog 2014-02-24 19:01:03.000000000 +0000 +++ gnutls26-2.12.14/debian/changelog 2014-03-03 19:16:13.000000000 +0000 @@ -1,3 +1,12 @@ +gnutls26 (2.12.14-5ubuntu3.7) precise-security; urgency=medium + + * SECURITY UPDATE: certificate validation bypass + - debian/patches/CVE-2014-0092.patch: correct return codes in + lib/x509/verify.c. + - CVE-2014-0092 + + -- Marc Deslauriers Mon, 03 Mar 2014 14:16:13 -0500 + gnutls26 (2.12.14-5ubuntu3.6) precise-security; urgency=medium * SECURITY UPDATE: incorrect v1 intermediate cert handling diff -Nru gnutls26-2.12.14/debian/patches/CVE-2014-0092.patch gnutls26-2.12.14/debian/patches/CVE-2014-0092.patch --- gnutls26-2.12.14/debian/patches/CVE-2014-0092.patch 1970-01-01 00:00:00.000000000 +0000 +++ gnutls26-2.12.14/debian/patches/CVE-2014-0092.patch 2014-03-03 19:16:07.000000000 +0000 @@ -0,0 +1,102 @@ +From 6aa26f78150ccbdf0aec1878a41c17c41d358a3b Mon Sep 17 00:00:00 2001 +From: Nikos Mavrogiannopoulos +Date: Thu, 27 Feb 2014 19:42:26 +0100 +Subject: [PATCH] corrected return codes + +--- + lib/x509/verify.c | 16 ++++++++++------ + 1 files changed, 10 insertions(+), 6 deletions(-) + +diff --git a/lib/x509/verify.c b/lib/x509/verify.c +index c9a6b0d..eef85a8 100644 +--- a/lib/x509/verify.c ++++ b/lib/x509/verify.c +@@ -141,7 +141,7 @@ check_if_ca (gnutls_x509_crt_t cert, gnutls_x509_crt_t issuer, + if (result < 0) + { + gnutls_assert (); +- goto cleanup; ++ goto fail; + } + + result = +@@ -150,7 +150,7 @@ check_if_ca (gnutls_x509_crt_t cert, gnutls_x509_crt_t issuer, + if (result < 0) + { + gnutls_assert (); +- goto cleanup; ++ goto fail; + } + + result = +@@ -158,7 +158,7 @@ check_if_ca (gnutls_x509_crt_t cert, gnutls_x509_crt_t issuer, + if (result < 0) + { + gnutls_assert (); +- goto cleanup; ++ goto fail; + } + + result = +@@ -166,7 +166,7 @@ check_if_ca (gnutls_x509_crt_t cert, gnutls_x509_crt_t issuer, + if (result < 0) + { + gnutls_assert (); +- goto cleanup; ++ goto fail; + } + + /* If the subject certificate is the same as the issuer +@@ -206,6 +206,7 @@ check_if_ca (gnutls_x509_crt_t cert, gnutls_x509_crt_t issuer, + else + gnutls_assert (); + ++fail: + result = 0; + + cleanup: +@@ -330,7 +331,7 @@ _gnutls_verify_certificate2 (gnutls_x509_crt_t cert, + gnutls_datum_t cert_signed_data = { NULL, 0 }; + gnutls_datum_t cert_signature = { NULL, 0 }; + gnutls_x509_crt_t issuer = NULL; +- int issuer_version, result; ++ int issuer_version, result = 0; + + if (output) + *output = 0; +@@ -363,7 +364,7 @@ _gnutls_verify_certificate2 (gnutls_x509_crt_t cert, + if (issuer_version < 0) + { + gnutls_assert (); +- return issuer_version; ++ return 0; + } + + if (!(flags & GNUTLS_VERIFY_DISABLE_CA_SIGN) && +@@ -385,6 +386,7 @@ _gnutls_verify_certificate2 (gnutls_x509_crt_t cert, + if (result < 0) + { + gnutls_assert (); ++ result = 0; + goto cleanup; + } + +@@ -393,6 +395,7 @@ _gnutls_verify_certificate2 (gnutls_x509_crt_t cert, + if (result < 0) + { + gnutls_assert (); ++ result = 0; + goto cleanup; + } + +@@ -410,6 +413,7 @@ _gnutls_verify_certificate2 (gnutls_x509_crt_t cert, + else if (result < 0) + { + gnutls_assert(); ++ result = 0; + goto cleanup; + } + +-- +1.7.1 + diff -Nru gnutls26-2.12.14/debian/patches/series gnutls26-2.12.14/debian/patches/series --- gnutls26-2.12.14/debian/patches/series 2014-02-24 19:00:58.000000000 +0000 +++ gnutls26-2.12.14/debian/patches/series 2014-03-03 19:16:07.000000000 +0000 @@ -11,3 +11,4 @@ CVE-2013-2116.patch 26_ignore_key_usage_violation.patch CVE-2014-1959.patch +CVE-2014-0092.patch