Format: 1.8 Date: Thu, 30 Apr 2009 19:00:21 +0200 Source: gnutls26 Binary: libgnutls-dev libgnutls26 libgnutls26-dbg gnutls-bin gnutls-doc guile-gnutls Architecture: sparc_translations sparc Version: 2.6.6-1 Distribution: karmic Urgency: high Maintainer: Ubuntu/sparc Build Daemon Changed-By: Andreas Metzler Description: gnutls-bin - the GNU TLS library - commandline utilities gnutls-doc - the GNU TLS library - documentation and examples guile-gnutls - the GNU TLS library - GNU Guile bindings libgnutls-dev - the GNU TLS library - development files libgnutls26 - the GNU TLS library - runtime library libgnutls26-dbg - GNU TLS library - debugger symbols Changes: gnutls26 (2.6.6-1) unstable; urgency=high . * use @LTLIBTASN1@ instead of @LIBTASN1@ in Libs.private of *.pc.in. This way lib-link.m4 gives us -ltasn1 instead of /usr/lib/libtasn1.so. * New upstream security release. + libgnutls: Corrected double free on signature verification failure. GNUTLS-SA-2009-1 CVE-2009-1415 + libgnutls: Fix DSA key generation. Noticed when investigating the previous GNUTLS-SA-2009-1 problem. All DSA keys generated using GnuTLS 2.6.x are corrupt. See the advisory for more details. GNUTLS-SA-2009-2 CVE-2009-1416 + libgnutls: Check expiration/activation time on untrusted certificates. Before the library did not check activation/expiration times on certificates, and was documented as not doing so. GNUTLS-SA-2009-3 CVE-2009-1417 * The former two issues only apply to gnutls 2.6.x. The latter is a brehavior change, add a NEWS.Debian file to document it. Checksums-Sha1: 77df3c404157bad0bf8010b9405e311ca0f3e80d 30868 gnutls26_2.6.6-1_sparc_translations.tar.gz d24c7e36f6f93147baa5efe58557fb343d1ae221 443118 libgnutls-dev_2.6.6-1_sparc.deb fd49d1bf18eb007e0ce1d627c75ab822ad3a251c 373396 libgnutls26_2.6.6-1_sparc.deb e893f5db03c81e7c94ce7fbdc1cb4484fa0df2e9 878756 libgnutls26-dbg_2.6.6-1_sparc.deb 0ef6030bf4b5228baaf2f6ce7bfd93a81c07f073 140500 gnutls-bin_2.6.6-1_sparc.deb 95ae528807f7f8d989f46b371ce9503f874993cc 66202 guile-gnutls_2.6.6-1_sparc.deb Checksums-Sha256: 1520326db5a4e4c7068918ce04577fc61e6f0ec4d1bc319bae4857193f2b2459 30868 gnutls26_2.6.6-1_sparc_translations.tar.gz c9a21cfff0ec5dbf9085f4199a598be9b7984244d15931b75c1661dcc7fcd83c 443118 libgnutls-dev_2.6.6-1_sparc.deb e4f6260359cf9acb095b1e082f88685673c19a8a23f980d5dbfb9282d4c537c7 373396 libgnutls26_2.6.6-1_sparc.deb d20b3f4519648315f30b21e794b47dea4f4efbc55bd40525cb45e8f0a62d1fbb 878756 libgnutls26-dbg_2.6.6-1_sparc.deb 54dda396c3d03f1ca152da4711a8a521e2060f21fae9817620af230f4fe4e3e0 140500 gnutls-bin_2.6.6-1_sparc.deb 63aa1c6a5d757679487709caf3e7d31cd1dfe2d17738bf6a3083c16030d8c1bd 66202 guile-gnutls_2.6.6-1_sparc.deb Files: 6aa0414070633d1c19fe76f757abc754 30868 raw-translations - gnutls26_2.6.6-1_sparc_translations.tar.gz d1ab4fb169fadc72a56d9f3e1c53d9fe 443118 libdevel optional libgnutls-dev_2.6.6-1_sparc.deb 6d9b137fedcdb883d5f3e7fa10b28eec 373396 libs important libgnutls26_2.6.6-1_sparc.deb 738d867ecda768bc07fe3a3fc3d708cf 878756 debug extra libgnutls26-dbg_2.6.6-1_sparc.deb c165c99bfc3a5d519c5888228d891b92 140500 net optional gnutls-bin_2.6.6-1_sparc.deb d5827f5150682af974fe5f825a1baa8e 66202 lisp optional guile-gnutls_2.6.6-1_sparc.deb