Debian
gnutls26 package

gnutls26 2.6.6-1 source package in Debian

Changelog

gnutls26 (2.6.6-1) unstable; urgency=high


  * use @LTLIBTASN1@ instead of @LIBTASN1@ in Libs.private of *.pc.in. This
    way lib-link.m4 gives us -ltasn1 instead of /usr/lib/libtasn1.so.
  * New upstream security release.
    + libgnutls: Corrected double free on signature verification failure.
      GNUTLS-SA-2009-1 CVE-2009-1415
    + libgnutls: Fix DSA key generation. Noticed when investigating the
      previous GNUTLS-SA-2009-1 problem. All DSA keys generated using GnuTLS
      2.6.x are corrupt.  See the advisory for more details.
      GNUTLS-SA-2009-2 CVE-2009-1416
    + libgnutls: Check expiration/activation time on untrusted certificates.
      Before the library did not check activation/expiration times on
      certificates, and was documented as not doing so.
      GNUTLS-SA-2009-3 CVE-2009-1417
   * The former two issues only apply to gnutls 2.6.x. The latter is a
     brehavior change, add a NEWS.Debian file to document it.

 -- Andreas Metzler <email address hidden>  Thu, 30 Apr 2009 19:00:21 +0200

Upload details

Uploaded by:
Debian GnuTLS Maintainers
Uploaded to:
Sid
Original maintainer:
Debian GnuTLS Maintainers
Architectures:
any
Section:
devel
Urgency:
Very Urgent

See full publishing history Publishing

Series Pocket Published Component Section

Builds

Downloads

File Size SHA-256 Checksum
gnutls26_2.6.6-1.dsc 1.5 KiB 3f86548588d9641385f7edb1d541ed398cc530076f47f7b5177443b37a6b3f34
gnutls26_2.6.6.orig.tar.gz 5.9 MiB 2fae439967df9ffb7a52f5f2c169a7fc589cbd14ba313f29f88fe5012db77082
gnutls26_2.6.6-1.diff.gz 16.3 KiB 3a709b6ab7decdb928951b74f9dddb8d1c49b73b39bb1d34463de7eb92ae7889

No changes file available.

Binary packages built by this source