Change log for gnutls26 package in Ubuntu
| 1 → 75 of 96 results | First • Previous • Next • Last |
| Published in trusty-proposed |
gnutls26 (2.12.23-12ubuntu2.10) trusty; urgency=medium
* Backport an upstream commit for better TLS 1.2 compatibility during
handshakes (LP: #1444656):
- debian/patches/fix-tls12-handshake.diff: This fixes a handshake
failure on TLS 1.2 connections when one or more certificates in the
chain use the SHA384 or SHA512 signature algorithm.
-- <email address hidden> (Samuel D. Leslie) Sun, 03 Sep 2017 12:06:52 +1000
Available diffs
| Deleted in trusty-proposed (Reason: SRU abandoned (verification-failed)) |
gnutls26 (2.12.23-12ubuntu2.9) trusty; urgency=medium
* use_normal_priority_for_openssl_sslv23.diff by Andreas Metzler:
OpenSSL wrapper: SSLv23_*_method translates to NORMAL GnuTLS priority,
which includes TLS1.2 support. (LP: #1709193)
-- Simon Deziel <email address hidden> Thu, 10 Aug 2017 15:40:49 +0000
Available diffs
gnutls26 (2.12.23-12ubuntu2.8) trusty-security; urgency=medium
* SECURITY UPDATE: DoS and possible code execution via OpenPGP
certificate decoding
- debian/patches/CVE-2017-7869.patch: enforce packet limits in
lib/opencdk/read-packet.c.
- CVE-2017-7869
-- Marc Deslauriers <email address hidden> Mon, 12 Jun 2017 09:35:01 -0400
Available diffs
gnutls26 (2.12.23-12ubuntu2.7) trusty-security; urgency=medium
* SECURITY UPDATE: denial of service via warning alerts
- debian/patches/CVE-2016-8610.patch: set a maximum number of warning
messages in lib/gnutls_int.h, lib/gnutls_handshake.c,
lib/gnutls_state.c.
- CVE-2016-8610
-- Marc Deslauriers <email address hidden> Wed, 15 Mar 2017 15:20:21 -0400
Available diffs
gnutls26 (2.12.14-5ubuntu3.14) precise-security; urgency=medium
* SECURITY UPDATE: denial of service via warning alerts
- debian/patches/CVE-2016-8610.patch: set a maximum number of warning
messages in lib/gnutls_int.h, lib/gnutls_handshake.c,
lib/gnutls_state.c.
- CVE-2016-8610
-- Marc Deslauriers <email address hidden> Wed, 15 Mar 2017 18:59:53 -0400
Available diffs
gnutls26 (2.12.14-5ubuntu3.13) precise-security; urgency=medium
* SECURITY UPDATE: out of memory error in stream reading functions
- debian/patches/CVE-2017-5335.patch: add error checking to
lib/opencdk/read-packet.c.
- CVE-2017-5335
* SECURITY UPDATE: stack overflow in cdk_pk_get_keyid
- debian/patches/CVE-2017-5336.patch: check return code in
lib/opencdk/pubkey.c.
- CVE-2017-5336
* SECURITY UPDATE: heap read overflow when reading streams
- debian/patches/CVE-2017-5337.patch: add more precise checks to
lib/opencdk/read-packet.c.
- CVE-2017-5337
-- Marc Deslauriers <email address hidden> Thu, 26 Jan 2017 13:45:02 -0500
Available diffs
gnutls26 (2.12.23-12ubuntu2.6) trusty-security; urgency=medium
* SECURITY UPDATE: out of memory error in stream reading functions
- debian/patches/CVE-2017-5335.patch: add error checking to
lib/opencdk/read-packet.c.
- CVE-2017-5335
* SECURITY UPDATE: stack overflow in cdk_pk_get_keyid
- debian/patches/CVE-2017-5336.patch: check return code in
lib/opencdk/pubkey.c.
- CVE-2017-5336
* SECURITY UPDATE: heap read overflow when reading streams
- debian/patches/CVE-2017-5337.patch: add more precise checks to
lib/opencdk/read-packet.c.
- CVE-2017-5337
-- Marc Deslauriers <email address hidden> Thu, 26 Jan 2017 13:42:43 -0500
Available diffs
gnutls26 (2.12.14-5ubuntu3.12) precise-security; urgency=medium
* debian/patches/compare_ca_name_and_key.patch: when comparing a CA
certificate with the trusted list compare the name and key. This will
allow the future removal of 1024-bit RSA keys from the ca-certificates
package.
-- Marc Deslauriers <email address hidden> Fri, 05 Feb 2016 13:51:23 -0500
Available diffs
gnutls26 (2.12.23-12ubuntu2.5) trusty-security; urgency=medium
* debian/patches/compare_ca_name_and_key.patch: when comparing a CA
certificate with the trusted list compare the name and key. This will
allow the future removal of 1024-bit RSA keys from the ca-certificates
package.
-- Marc Deslauriers <email address hidden> Fri, 05 Feb 2016 08:49:43 -0500
Available diffs
gnutls26 (2.12.23-12ubuntu2.4) trusty-security; urgency=medium
* SECURITY UPDATE: incorrect RSA+MD5 support with TLS 1.2
- debian/patches/CVE-2015-7575.patch: do not consider any values from
the extension data to decide acceptable algorithms in
lib/ext_signature.c.
- CVE-2015-7575
-- Marc Deslauriers <email address hidden> Thu, 07 Jan 2016 10:38:24 -0500
Available diffs
gnutls26 (2.12.14-5ubuntu3.11) precise-security; urgency=medium
* SECURITY UPDATE: incorrect RSA+MD5 support with TLS 1.2
- debian/patches/CVE-2015-7575.patch: do not consider any values from
the extension data to decide acceptable algorithms in
lib/ext_signature.c.
- CVE-2015-7575
-- Marc Deslauriers <email address hidden> Thu, 07 Jan 2016 10:41:27 -0500
Available diffs
gnutls26 (2.12.14-5ubuntu3.10) precise-security; urgency=low
* SECURITY UPDATE: Poodle TLS issue
- debian/patches/fix_tls_poodle.patch: fixes off by one
issue in padding check.
Patch created by Hanno Boeck (https://hboeck.de/)
(LP: #1510163)
-- Bryan Quigley <email address hidden> Wed, 25 Nov 2015 21:37:58 +0000
Available diffs
gnutls26 (2.12.23-12ubuntu2.3) trusty-security; urgency=medium
* SECURITY UPDATE: Poodle TLS issue
- debian/patches/fix_tls_poodle.patch: fixes off by one
issue in padding check.
Patch created by Hanno Boeck (https://hboeck.de/)
(LP: #1510163)
-- Bryan Quigley <email address hidden> Wed, 25 Nov 2015 21:37:33 +0000
Available diffs
| Deleted in vivid-proposed (Reason: Superseded by gnutls28) |
gnutls26 (2.12.23-18ubuntu1) vivid; urgency=medium
* Merge with Debian; remaining changes:
- Link test-lock and test-thread_create with -Wl,--no-as-needed; see
https://lists.gnu.org/archive/html/bug-gnulib/2013-10/msg00017.html.
- debian/rules: Set CC on cross-builds, so autoconf doesn't lose its mind.
* Dropped changes:
- restore sipsak Breaks, ours is now new enough to deal with this.
- drop CVE-2014-3466 security upload, included in debian.
- debian/patches/99_update-libtool.patch: Debian uses autoreconf.
Available diffs
gnutls26 (2.8.5-2ubuntu0.7) lucid-security; urgency=medium
* SECURITY UPDATE: signature forgery issue
- debian/patches/CVE-2015-0282.patch: make sure the signature
algorithms match in lib/gnutls_algorithms.c, lib/gnutls_algorithms.h,
lib/x509/privkey.c, lib/x509/verify.c, lib/x509/x509.c,
lib/x509/x509_int.h.
- CVE-2015-0282
* SECURITY UPDATE: certificate algorithm consistency issue
- debian/patches/CVE-2015-0294.patch: make sure the two signature
algorithms match on cert import in lib/x509/x509.c.
- CVE-2015-0294
* SECURITY UPDATE: missing date/time checks on CA certificates
- debian/patches/CVE-2014-8155.patch: perform time verification on
trusted certificate list in lib/includes/gnutls/x509.h,
lib/x509/verify.c.
- CVE-2014-8155
-- Marc Deslauriers <email address hidden> Fri, 20 Mar 2015 09:56:50 -0400
Available diffs
gnutls26 (2.12.14-5ubuntu3.9) precise-security; urgency=medium
* SECURITY UPDATE: signature forgery issue
- debian/patches/CVE-2015-0282.patch: make sure the signature
algorithms match in lib/gnutls_algorithms.c, lib/gnutls_algorithms.h,
lib/gnutls_pubkey.c, lib/gnutls_sig.c, lib/x509/common.h,
lib/x509/crq.c, lib/x509/privkey.c, lib/x509/verify.c,
lib/x509/x509.c, lib/x509/x509_int.h.
- CVE-2015-0282
* SECURITY UPDATE: certificate algorithm consistency issue
- debian/patches/CVE-2015-0294.patch: make sure the two signature
algorithms match on cert import in lib/x509/x509.c.
- CVE-2015-0294
-- Marc Deslauriers <email address hidden> Fri, 20 Mar 2015 09:26:34 -0400
Available diffs
gnutls26 (2.12.23-12ubuntu2.2) trusty-security; urgency=medium
* SECURITY UPDATE: signature forgery issue
- debian/patches/CVE-2015-0282.patch: make sure the signature
algorithms match in lib/gnutls_algorithms.c, lib/gnutls_algorithms.h,
lib/gnutls_pubkey.c, lib/gnutls_sig.c, lib/x509/common.h,
lib/x509/crq.c, lib/x509/privkey.c, lib/x509/verify.c,
lib/x509/x509.c, lib/x509/x509_int.h.
- CVE-2015-0282
* SECURITY UPDATE: certificate algorithm consistency issue
- debian/patches/CVE-2015-0294.patch: make sure the two signature
algorithms match on cert import in lib/x509/x509.c.
- CVE-2015-0294
-- Marc Deslauriers <email address hidden> Fri, 20 Mar 2015 09:08:01 -0400
| Deleted in vivid-release (Reason: Superseded by gnutls28) |
| Obsolete in utopic-release |
| Superseded in utopic-release |
| Deleted in utopic-proposed (Reason: moved to release) |
gnutls26 (2.12.23-15ubuntu2) utopic; urgency=medium
* SECURITY UPDATE: memory corruption due to server hello parsing
- debian/patches/CVE-2014-3466.patch: validate session_id_len in
lib/gnutls_handshake.c.
- CVE-2014-3466
-- Marc Deslauriers <email address hidden> Sun, 01 Jun 2014 11:02:11 -0400
Available diffs
- diff from 2.12.23-15ubuntu1 to 2.12.23-15ubuntu2 (1002 bytes)
gnutls26 (2.12.23-1ubuntu4.3) saucy-security; urgency=medium
* SECURITY UPDATE: memory corruption due to server hello parsing
- debian/patches/CVE-2014-3466.patch: validate session_id_len in
lib/gnutls_handshake.c.
- CVE-2014-3466
-- Marc Deslauriers <email address hidden> Sun, 01 Jun 2014 11:04:16 -0400
Available diffs
gnutls26 (2.12.23-12ubuntu2.1) trusty-security; urgency=medium
* SECURITY UPDATE: memory corruption due to server hello parsing
- debian/patches/CVE-2014-3466.patch: validate session_id_len in
lib/gnutls_handshake.c.
- CVE-2014-3466
-- Marc Deslauriers <email address hidden> Sun, 01 Jun 2014 11:03:46 -0400
Available diffs
gnutls26 (2.12.14-5ubuntu3.8) precise-security; urgency=medium
* SECURITY UPDATE: memory corruption due to server hello parsing
- debian/patches/CVE-2014-3466.patch: validate session_id_len in
lib/gnutls_handshake.c.
- CVE-2014-3466
-- Marc Deslauriers <email address hidden> Sun, 01 Jun 2014 11:04:42 -0400
Available diffs
gnutls26 (2.8.5-2ubuntu0.6) lucid-security; urgency=medium
* SECURITY UPDATE: memory corruption due to server hello parsing
- debian/patches/CVE-2014-3466.patch: validate session_id_len in
lib/gnutls_handshake.c.
- CVE-2014-3466
-- Marc Deslauriers <email address hidden> Sun, 01 Jun 2014 11:06:47 -0400
Available diffs
gnutls26 (2.12.23-15ubuntu1) utopic; urgency=medium
* Merge with Debian; remaining changes:
- Drop the sipsak Breaks on armhf back to (<= 0.9.6-2.1), which is
sufficient for Ubuntu. The former versioning rendered sipsak
uninstallable.
- Link test-lock and test-thread_create with -Wl,--no-as-needed; see
https://lists.gnu.org/archive/html/bug-gnulib/2013-10/msg00017.html.
- debian/patches/99_update-libtool.patch: Update libtool.m4
- debian/rules: Set CC on cross-builds, so autoconf doesn't lose its mind.
* Dropped changes:
- gnutls-bin is now going to be build from gnutls28 package, as it is
now GPLv2 compatible.
- security upload, included in debian.
Available diffs
| Superseded in utopic-release |
| Published in trusty-release |
| Deleted in trusty-proposed (Reason: moved to release) |
gnutls26 (2.12.23-12ubuntu2) trusty; urgency=medium
* SECURITY UPDATE: certificate validation bypass
- debian/patches/CVE-2014-0092.patch: correct return codes in
lib/x509/verify.c.
- CVE-2014-0092
-- Marc Deslauriers <email address hidden> Mon, 03 Mar 2014 14:10:30 -0500
Available diffs
gnutls26 (2.12.14-5ubuntu3.7) precise-security; urgency=medium
* SECURITY UPDATE: certificate validation bypass
- debian/patches/CVE-2014-0092.patch: correct return codes in
lib/x509/verify.c.
- CVE-2014-0092
-- Marc Deslauriers <email address hidden> Mon, 03 Mar 2014 14:16:13 -0500
Available diffs
gnutls26 (2.12.14-5ubuntu4.6) quantal-security; urgency=medium
* SECURITY UPDATE: certificate validation bypass
- debian/patches/CVE-2014-0092.patch: correct return codes in
lib/x509/verify.c.
- CVE-2014-0092
-- Marc Deslauriers <email address hidden> Mon, 03 Mar 2014 14:15:34 -0500
Available diffs
gnutls26 (2.12.23-1ubuntu4.2) saucy-security; urgency=medium
* SECURITY UPDATE: certificate validation bypass
- debian/patches/CVE-2014-0092.patch: correct return codes in
lib/x509/verify.c.
- CVE-2014-0092
-- Marc Deslauriers <email address hidden> Mon, 03 Mar 2014 14:14:00 -0500
Available diffs
gnutls26 (2.8.5-2ubuntu0.5) lucid-security; urgency=medium
* SECURITY UPDATE: certificate validation bypass
- debian/patches/CVE-2014-0092.patch: correct return codes in
lib/x509/verify.c.
- CVE-2014-0092
-- Marc Deslauriers <email address hidden> Mon, 03 Mar 2014 14:30:43 -0500
Available diffs
gnutls26 (2.12.23-12ubuntu1) trusty; urgency=medium
* Merge with Debian; remaining changes:
- Build gnutls-bin from this source package rather than from gnutls28:
gnutls28's licensing is currently too strict for many of the free
software packages built against it in Ubuntu main and we only want to
support a single version. Bump its version to achieve this.
- Drop the sipsak Breaks on armhf back to (<= 0.9.6-2.1), which is
sufficient for Ubuntu. The former versioning rendered sipsak
uninstallable.
- Link test-lock and test-thread_create with -Wl,--no-as-needed; see
https://lists.gnu.org/archive/html/bug-gnulib/2013-10/msg00017.html.
- debian/patches/99_update-libtool.patch: Update libtool.m4
- debian/rules: Set CC on cross-builds, so autoconf doesn't lose its mind.
Available diffs
| Superseded in trusty-proposed |
gnutls26 (2.12.23-1ubuntu6) trusty; urgency=medium
* SECURITY UPDATE: incorrect v1 intermediate cert handling
- debian/patches/CVE-2014-1959.patch: don't consider a v1 intermediate
cert to be a valid CA by default in lib/x509/verify.c.
- CVE-2014-1959
-- Marc Deslauriers <email address hidden> Mon, 24 Feb 2014 13:56:26 -0500
Available diffs
gnutls26 (2.12.14-5ubuntu3.6) precise-security; urgency=medium
* SECURITY UPDATE: incorrect v1 intermediate cert handling
- debian/patches/CVE-2014-1959.patch: don't consider a v1 intermediate
cert to be a valid CA by default in lib/x509/verify.c.
- CVE-2014-1959
-- Marc Deslauriers <email address hidden> Mon, 24 Feb 2014 14:01:03 -0500
Available diffs
gnutls26 (2.12.14-5ubuntu4.5) quantal-security; urgency=medium
* SECURITY UPDATE: incorrect v1 intermediate cert handling
- debian/patches/CVE-2014-1959.patch: don't consider a v1 intermediate
cert to be a valid CA by default in lib/x509/verify.c.
- CVE-2014-1959
-- Marc Deslauriers <email address hidden> Mon, 24 Feb 2014 14:00:29 -0500
Available diffs
gnutls26 (2.12.23-1ubuntu4.1) saucy-security; urgency=medium
* SECURITY UPDATE: incorrect v1 intermediate cert handling
- debian/patches/CVE-2014-1959.patch: don't consider a v1 intermediate
cert to be a valid CA by default in lib/x509/verify.c.
- CVE-2014-1959
-- Marc Deslauriers <email address hidden> Mon, 24 Feb 2014 13:59:47 -0500
Available diffs
gnutls26 (2.12.23-1ubuntu5) trusty; urgency=low
* 25_updatedgdocfrommaster.diff - Update gdoc script from gnutls master to
fix spurious build failure with perl 5.18. Closes: #724167
* debian/patches/99_update-libtool.patch: Update libtool.m4
* debian/rules: Set CC on cross-builds, so autoconf doesn't lose its mind.
-- Adam Conrad <email address hidden> Wed, 04 Dec 2013 23:23:10 -0700
Available diffs
| Superseded in trusty-release |
| Obsolete in saucy-release |
| Deleted in saucy-proposed (Reason: moved to release) |
gnutls26 (2.12.23-1ubuntu4) saucy; urgency=low
* Link test-lock and test-thread_create with -Wl,--no-as-needed; see
https://lists.gnu.org/archive/html/bug-gnulib/2013-10/msg00017.html.
Based on a similar change by Matthias Klose in libidn.
-- Colin Watson <email address hidden> Mon, 07 Oct 2013 15:51:16 +0100
Available diffs
| Superseded in saucy-proposed |
gnutls26 (2.12.23-1ubuntu3) saucy; urgency=low
* Drop the sipsak Breaks on armhf back to (<= 0.9.6-2.1), which is
sufficient for Ubuntu. The former versioning rendered sipsak
uninstallable.
-- Colin Watson <email address hidden> Sat, 05 Oct 2013 00:00:39 +0100
Available diffs
- diff from 2.12.23-1ubuntu2 to 2.12.23-1ubuntu3 (722 bytes)
gnutls26 (2.12.14-5ubuntu4.4) quantal-proposed; urgency=low
* debian/patches/21_ignore_key_usage_violation.patch:
Prints debug message on key usage violation rather than treating
the violation as fatal. (LP: #1207123)
-- Adam Stokes <email address hidden> Mon, 05 Aug 2013 11:15:19 -0400
Available diffs
gnutls26 (2.12.14-5ubuntu3.5) precise-proposed; urgency=low
* debian/patches/26_ignore_key_usage_violation.patch:
Prints debug message on key usage violation rather than treating
the violation as fatal. (LP: #1207123)
-- Adam Stokes <email address hidden> Mon, 05 Aug 2013 11:57:10 -0400
Available diffs
gnutls26 (2.12.23-1ubuntu2) saucy; urgency=low
* SECURITY UPDATE: denial of service via incorrect pad
- debian/patches/CVE-2013-2116.patch: added sanity check in
lib/gnutls_cipher.c.
- CVE-2013-2116
-- Marc Deslauriers <email address hidden> Mon, 27 May 2013 08:34:01 -0400
Available diffs
- diff from 2.12.23-1ubuntu1 to 2.12.23-1ubuntu2 (1014 bytes)
gnutls26 (2.12.14-5ubuntu4.3) quantal-security; urgency=low
* SECURITY UPDATE: denial of service via incorrect pad
- debian/patches/CVE-2013-2116.patch: added sanity check in
lib/gnutls_cipher.c.
- CVE-2013-2116
-- Marc Deslauriers <email address hidden> Mon, 27 May 2013 08:40:42 -0400
Available diffs
gnutls26 (2.12.23-1ubuntu1.1) raring-security; urgency=low
* SECURITY UPDATE: denial of service via incorrect pad
- debian/patches/CVE-2013-2116.patch: added sanity check in
lib/gnutls_cipher.c.
- CVE-2013-2116
-- Marc Deslauriers <email address hidden> Mon, 27 May 2013 08:39:49 -0400
Available diffs
gnutls26 (2.12.14-5ubuntu3.4) precise-security; urgency=low
* SECURITY UPDATE: denial of service via incorrect pad
- debian/patches/CVE-2013-2116.patch: added sanity check in
lib/gnutls_cipher.c.
- CVE-2013-2116
-- Marc Deslauriers <email address hidden> Mon, 27 May 2013 08:41:23 -0400
Available diffs
gnutls26 (2.8.5-2ubuntu0.4) lucid-security; urgency=low
* SECURITY UPDATE: denial of service via incorrect pad
- debian/patches/CVE-2013-2116.patch: added sanity check in
lib/gnutls_cipher.c.
- CVE-2013-2116
-- Marc Deslauriers <email address hidden> Mon, 27 May 2013 08:42:39 -0400
Available diffs
- diff from 2.8.5-2ubuntu0.3 to 2.8.5-2ubuntu0.4 (973 bytes)
gnutls26 (2.12.14-5ubuntu3.3) precise-proposed; urgency=low
* debian/patches/lp1095052.patch:
- Added new patch, derived from an upstream revision, which provides
a fix for an issue where client certificate authentication will
fail. (LP: #1095052)
-- Timo Aaltonen <email address hidden> Mon, 22 Apr 2013 20:39:44 +0300
Available diffs
| Superseded in saucy-release |
| Obsolete in raring-release |
| Deleted in raring-proposed (Reason: moved to release) |
gnutls26 (2.12.23-1ubuntu1) raring; urgency=low
* Merge from debian-experimental, remaining changes:
- Build gnutls-bin from this source package rather than from gnutls28:
gnutls28's licensing is currently too strict for many of the free
software packages built against it in Ubuntu main and we only want to
support a single version. Bump its version to achieve this.
* Drop gnulib-gets.diff: upstream.
Available diffs
- diff from 2.12.20-2ubuntu1 to 2.12.23-1ubuntu1 (264.6 KiB)
gnutls26 (2.8.5-2ubuntu0.3) lucid-security; urgency=low
* SECURITY UPDATE: "Lucky Thirteen" timing side-channel TLS attack
- debian/patches/CVE-2013-1619.patch: avoid timing attacks in
lib/gnutls_cipher.c, lib/gnutls_hash_int.h.
- CVE-2013-1619
-- Marc Deslauriers <email address hidden> Mon, 25 Feb 2013 12:36:24 -0500
Available diffs
gnutls26 (2.10.5-1ubuntu3.3) oneiric-security; urgency=low
* SECURITY UPDATE: "Lucky Thirteen" timing side-channel TLS attack
- debian/patches/CVE-2013-1619.patch: avoid timing attacks in
lib/gnutls_cipher.c, lib/gnutls_hash_int.h.
- CVE-2013-1619
-- Marc Deslauriers <email address hidden> Mon, 25 Feb 2013 11:52:02 -0500
Available diffs
gnutls26 (2.12.14-5ubuntu3.2) precise-security; urgency=low
* SECURITY UPDATE: "Lucky Thirteen" timing side-channel TLS attack
- debian/patches/CVE-2013-1619.patch: avoid timing attacks in
lib/gnutls_cipher.c, lib/gnutls_hash_int.h.
- CVE-2013-1619
-- Marc Deslauriers <email address hidden> Mon, 25 Feb 2013 11:43:21 -0500
Available diffs
gnutls26 (2.12.14-5ubuntu4.2) quantal-security; urgency=low
* SECURITY UPDATE: "Lucky Thirteen" timing side-channel TLS attack
- debian/patches/CVE-2013-1619.patch: avoid timing attacks in
lib/gnutls_cipher.c, lib/gnutls_hash_int.h.
- CVE-2013-1619
-- Marc Deslauriers <email address hidden> Mon, 25 Feb 2013 11:31:46 -0500
Available diffs
gnutls26 (2.12.14-5ubuntu4.1) quantal-proposed; urgency=low
* debian/patches/lp1095052.patch:
- Added new patch, derived from an upstream revision, which provides
a fix for an issue where client certificate authentication will
fail. (LP: #1095052)
-- Thomas Ward <email address hidden> Mon, 07 Jan 2013 19:52:48 +0000
Available diffs
gnutls26 (2.12.20-2ubuntu1) raring; urgency=low
* Resynchronise with Debian. Remaining changes:
- Build gnutls-bin from this source package rather than from gnutls28:
gnutls28's licensing is currently too strict for many of the free
software packages built against it in Ubuntu main and we only want to
support a single version. Bump its version to achieve this.
* Avoid assuming that gets is declared.
Available diffs
gnutls26 (2.8.5-2ubuntu0.2) lucid-proposed; urgency=low
* Apply upstream patch to fix validation of certificates when more than
one with the same short hash exists in the CA bundle (LP: #1003841).
-- Thorsten Glaser <email address hidden> Thu, 31 May 2012 14:07:11 +0200
Available diffs
gnutls26 (2.10.5-1ubuntu3.2) oneiric-proposed; urgency=low
* Apply upstream patch to fix validation of certificates when more than
one with the same short hash exists in the CA bundle (LP: #1003841).
-- Thorsten Glaser <email address hidden> Thu, 24 May 2012 11:10:16 +0200
Available diffs
gnutls26 (2.12.14-5ubuntu3.1) precise-proposed; urgency=low
* Apply upstream patch to fix validation of certificates when more than
one with the same short hash exists in the CA bundle (LP: #1003841).
-- Thorsten Glaser <email address hidden> Thu, 24 May 2012 11:19:12 +0200
Available diffs
gnutls26 (2.12.14-5ubuntu4) quantal; urgency=low
* Apply upstream patch to fix validation of certificates when more than
one with the same short hash exists in the CA bundle (LP: #1003841).
-- Thorsten Glaser <email address hidden> Thu, 24 May 2012 11:19:12 +0200
Available diffs
gnutls26 (2.12.14-5ubuntu3) precise; urgency=low * SECURITY UPDATE: Denial of service via crafted TLS record (LP: #978661) - debian/patches/CVE-2012-1573.patch: Validate the size of a GenericBlockCipher structure as it is processed. Based on upstream patch. - CVE-2012-1573 -- Tyler Hicks <email address hidden> Wed, 11 Apr 2012 02:52:23 -0500
Available diffs
- diff from 2.12.14-5ubuntu2 to 2.12.14-5ubuntu3 (1005 bytes)
gnutls26 (2.8.5-2ubuntu0.1) lucid-security; urgency=low
* SECURITY UPDATE: Denial of service in client application
- debian/patches/CVE-2011-4128.patch: Fix buffer bounds check when copying
session data. Based on upstream patch.
- CVE-2011-4128
* SECURITY UPDATE: Denial of service via crafted TLS record
- debian/patches/CVE-2012-1573.patch: Validate the size of a
GenericBlockCipher structure as it is processed. Based on upstream
patch.
- CVE-2012-1573
-- Tyler Hicks <email address hidden> Wed, 04 Apr 2012 11:13:02 -0500
Available diffs
gnutls26 (2.8.6-1ubuntu0.1) maverick-security; urgency=low
* SECURITY UPDATE: Denial of service in client application
- debian/patches/CVE-2011-4128.patch: Fix buffer bounds check when copying
session data. Based on upstream patch.
- CVE-2011-4128
* SECURITY UPDATE: Denial of service via crafted TLS record
- debian/patches/CVE-2012-1573.patch: Validate the size of a
GenericBlockCipher structure as it is processed. Based on upstream
patch.
- CVE-2012-1573
-- Tyler Hicks <email address hidden> Wed, 04 Apr 2012 11:13:02 -0500
Available diffs
gnutls26 (2.8.6-1ubuntu2.1) natty-security; urgency=low
* SECURITY UPDATE: Denial of service in client application
- debian/patches/CVE-2011-4128.patch: Fix buffer bounds check when copying
session data. Based on upstream patch.
- CVE-2011-4128
* SECURITY UPDATE: Denial of service via crafted TLS record
- debian/patches/CVE-2012-1573.patch: Validate the size of a
GenericBlockCipher structure as it is processed. Based on upstream
patch.
- CVE-2012-1573
-- Tyler Hicks <email address hidden> Wed, 04 Apr 2012 11:13:02 -0500
Available diffs
gnutls26 (2.10.5-1ubuntu3.1) oneiric-security; urgency=low
* SECURITY UPDATE: Denial of service in client application
- debian/patches/CVE-2011-4128.patch: Fix buffer bounds check when copying
session data. Based on upstream patch.
- CVE-2011-4128
* SECURITY UPDATE: Denial of service via crafted TLS record
- debian/patches/CVE-2012-1573.patch: Validate the size of a
GenericBlockCipher structure as it is processed. Based on upstream
patch.
- CVE-2012-1573
-- Tyler Hicks <email address hidden> Wed, 04 Apr 2012 11:13:02 -0500
Available diffs
| Superseded in precise-release |
gnutls26 (2.12.14-5ubuntu2) precise; urgency=low * Bump the version of gnutls-doc too, for the same reason as gnutls-bin. -- Colin Watson <email address hidden> Tue, 24 Jan 2012 20:05:00 +0000
Available diffs
- diff from 2.12.14-5ubuntu1 to 2.12.14-5ubuntu2 (764 bytes)
| Superseded in precise-release |
gnutls26 (2.12.14-5ubuntu1) precise; urgency=low
* Start building gnutls-bin from this source package again, superseding
the version in gnutls28: gnutls28's licensing is currently too strict
for many of the free software packages built against it in Ubuntu main
and we only want to support a single version. Bump its version to
achieve this.
-- Colin Watson <email address hidden> Tue, 24 Jan 2012 18:18:46 +0000
Available diffs
- diff from 2.12.14-5 to 2.12.14-5ubuntu1 (2.1 KiB)
gnutls26 (2.12.14-5) unstable; urgency=low * Disable gnutls-guile package, let it be provided by gnutls28. -- Ubuntu Archive Auto-Sync <email address hidden> Thu, 29 Dec 2011 09:50:08 +0000
Available diffs
- diff from 2.12.14-4 to 2.12.14-5 (2.1 KiB)
gnutls26 (2.12.14-4) unstable; urgency=low
* Prepare for uploading gnutls28 to unstable.
+ Drop gnutls-bin package, it is going to be provided by gnutls28.
+ Binaries are still useful for debugging, ship them with libgnutls-dbg
in LIBDIR/libgnutls26.
-- Ubuntu Archive Auto-Sync <email address hidden> Wed, 14 Dec 2011 09:46:05 +0000
Available diffs
gnutls26 (2.12.14-3) unstable; urgency=low
* [20_tests-select.diff] Do not run gnulib test-select test anymore. The
test fails on kfreebsd-i386, the gnutls library does not use select().
Closes: #648247
-- Andreas Metzler <email address hidden> Tue, 15 Nov 2011 19:10:06 +0100
Available diffs
gnutls26 (2.12.11-1) unstable; urgency=low
* New upstream version.
+ Allow CA importing of 0 certificates to succeed. Closes: #640639
* Add libp11-kit-dev to libgnutls-dev dependencies. (see #643811)
* [20_guiledocstring.diff] guile: Fix docstring extraction with CPP 4.5+.
Available diffs
gnutls26 (2.10.5-1ubuntu3) oneiric; urgency=low * Backport from Debian (Andreas Metzler, LP: #829467): - [20_gcrypt15compat.diff] Fix compatibility with gcrypt 1.5. -- Colin Watson <email address hidden> Thu, 25 Aug 2011 17:23:22 +0100
Available diffs
| Superseded in oneiric-release |
gnutls26 (2.10.5-1ubuntu2) oneiric; urgency=low
* debian/libgnutlsxx26.install, debian/control: convert libgnutlsxx26
for multiarch as well.
-- Steve Langasek <email address hidden> Fri, 20 May 2011 14:26:01 -0700
Available diffs
- diff from 2.10.5-1ubuntu1 to 2.10.5-1ubuntu2 (684 bytes)
| Superseded in oneiric-release |
gnutls26 (2.10.5-1ubuntu1) oneiric; urgency=low
* Merge from Debian unstable, remaining changes:
- Fix build failure with --no-add-needed.
- Build for multiarch.
Available diffs
gnutls26 (2.8.6-1ubuntu2) natty; urgency=low * FFe LP: #733501: Build for multiarch. -- Steve Langasek <email address hidden> Mon, 21 Mar 2011 22:19:18 -0700
Available diffs
| Superseded in natty-release |
gnutls26 (2.8.6-1ubuntu1) natty; urgency=low * Fix build failure with --no-add-needed. -- Matthias Klose <email address hidden> Thu, 18 Nov 2010 17:15:37 +0100
Available diffs
- diff from 2.8.6-1 to 2.8.6-1ubuntu1 (1.1 KiB)
gnutls26 (2.8.6-1) unstable; urgency=low
* Use dh_lintian.
* Use dh_makeshlibs for the guile stuff, too. This gets us
a) ldconfig in postinst. Closes: #553109
and
b) a shlibs file.
However the shared objects /usr/lib/libguile-gnutls*so* are still not
designed to be used as libraries (linking) but are dlopened. guile-1.10
will address this issue by keeping this stuff in a private directory.
* hotfix pkg-config files (proper fix to be included upstream).
* Stop unneeeded linkage against libgpg-error. 16_unnecessarydep.diff
-- Ubuntu Archive Auto-Sync <email address hidden> Sun, 09 May 2010 13:50:55 +0100
Available diffs
- diff from 2.8.5-2 to 2.8.6-1 (1012.6 KiB)
gnutls26 (2.8.5-2) unstable; urgency=low
* Add a huge bunch of lintian overrides for the guile stuff to make dak
happy.
Available diffs
- diff from 2.8.4-2 to 2.8.5-2 (51.1 KiB)
gnutls26 (2.8.4-2) unstable; urgency=high * [20_fixtimebomb.diff] Fix testsuite error. Closes: #552920 -- Ubuntu Archive Auto-Sync <email address hidden> Tue, 10 Nov 2009 01:36:55 +0000
Available diffs
- diff from 2.8.4-1 to 2.8.4-2 (723 bytes)
gnutls26 (2.8.4-1) unstable; urgency=low
* New upstream version.
+ Drop debian/patches/15_openpgp.diff.
* Sync priorities with override file, libgnutls26 has been bumped from
important to standard.
Available diffs
- diff from 2.8.3-2 to 2.8.4-1 (74.6 KiB)
| 1 → 75 of 96 results | First • Previous • Next • Last |
