gnutls28 3.5.3-5ubuntu1.2 source package in Ubuntu

Changelog

gnutls28 (3.5.3-5ubuntu1.2) yakkety-security; urgency=medium

  * SECURITY UPDATE: null pointer dereference via status response TLS
    extension decoding
    - debian/patches/CVE-2017-7507-1.patch: ensure response IDs are
      properly deinitialized in lib/ext/status_request.c.
    - debian/patches/CVE-2017-7507-2.patch: remove parsing of responder IDs
      from client extension in lib/ext/status_request.c.
    - debian/patches/CVE-2017-7507-3.patch: documented requirements for
      parameters in lib/ext/status_request.c.
    - CVE-2017-7507
  * SECURITY UPDATE: DoS and possible code execution via OpenPGP
    certificate decoding
    - debian/patches/CVE-2017-7869.patch: enforce packet limits in
      lib/opencdk/read-packet.c.
    - CVE-2017-7869

 -- Marc Deslauriers <email address hidden>  Mon, 12 Jun 2017 09:31:08 -0400

Upload details

Uploaded by:
Marc Deslauriers on 2017-06-12
Uploaded to:
Yakkety
Original maintainer:
Ubuntu Developers
Architectures:
any all
Section:
libs
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Yakkety updates on 2017-06-13 main libs
Yakkety security on 2017-06-13 main libs

Downloads

File Size SHA-256 Checksum
gnutls28_3.5.3.orig.tar.xz 6.6 MiB 92c4bc999a10a1b95299ebefaeea8333f19d8a98d957a35b5eae74881bdb1fef
gnutls28_3.5.3-5ubuntu1.2.debian.tar.xz 107.5 KiB 70e64d9153e99a504843554fe8bbc174f0bca0de133ea736ce3d847733ba009b
gnutls28_3.5.3-5ubuntu1.2.dsc 2.9 KiB 7161f3925aa239af254ca46c28121638a19fda8bda3a56436e9c53bb7da314fa

View changes file

Binary packages built by this source

gnutls-bin: GNU TLS library - commandline utilities

 GnuTLS is a portable library which implements the Transport Layer
 Security (TLS 1.0, 1.1, 1.2) and Secure Sockets Layer (SSL) 3.0 and Datagram
 Transport Layer Security (DTLS 1.0, 1.2) protocols.
 .
 GnuTLS features support for:
  - TLS extensions: server name indication, max record size, opaque PRF
    input, etc.
  - authentication using the SRP protocol.
  - authentication using both X.509 certificates and OpenPGP keys.
  - TLS Pre-Shared-Keys (PSK) extension.
  - Inner Application (TLS/IA) extension.
  - X.509 and OpenPGP certificate handling.
  - X.509 Proxy Certificates (RFC 3820).
  - all the strong encryption algorithms (including SHA-256/384/512 and
    Camellia (RFC 4132)).
 .
 This package contains a commandline interface to the GNU TLS library, which
 can be used to set up secure connections from e.g. shell scripts, debugging
 connection issues or managing certificates.
 .
 Useful utilities include:
  - TLS termination: gnutls-cli, gnutls-serv
  - key and certificate management: certtool, ocsptool, p11tool
  - credential management: srptool, psktool

gnutls-bin-dbgsym: debug symbols for package gnutls-bin

 GnuTLS is a portable library which implements the Transport Layer
 Security (TLS 1.0, 1.1, 1.2) and Secure Sockets Layer (SSL) 3.0 and Datagram
 Transport Layer Security (DTLS 1.0, 1.2) protocols.
 .
 GnuTLS features support for:
  - TLS extensions: server name indication, max record size, opaque PRF
    input, etc.
  - authentication using the SRP protocol.
  - authentication using both X.509 certificates and OpenPGP keys.
  - TLS Pre-Shared-Keys (PSK) extension.
  - Inner Application (TLS/IA) extension.
  - X.509 and OpenPGP certificate handling.
  - X.509 Proxy Certificates (RFC 3820).
  - all the strong encryption algorithms (including SHA-256/384/512 and
    Camellia (RFC 4132)).
 .
 This package contains a commandline interface to the GNU TLS library, which
 can be used to set up secure connections from e.g. shell scripts, debugging
 connection issues or managing certificates.
 .
 Useful utilities include:
  - TLS termination: gnutls-cli, gnutls-serv
  - key and certificate management: certtool, ocsptool, p11tool
  - credential management: srptool, psktool

gnutls-doc: GNU TLS library - documentation and examples

 GnuTLS is a portable library which implements the Transport Layer
 Security (TLS 1.0, 1.1, 1.2) and Secure Sockets Layer (SSL) 3.0 and Datagram
 Transport Layer Security (DTLS 1.0, 1.2) protocols.
 .
 GnuTLS features support for:
  - TLS extensions: server name indication, max record size, opaque PRF
    input, etc.
  - authentication using the SRP protocol.
  - authentication using both X.509 certificates and OpenPGP keys.
  - TLS Pre-Shared-Keys (PSK) extension.
  - Inner Application (TLS/IA) extension.
  - X.509 and OpenPGP certificate handling.
  - X.509 Proxy Certificates (RFC 3820).
  - all the strong encryption algorithms (including SHA-256/384/512 and
    Camellia (RFC 4132)).
 .
 This package contains all the GnuTLS documentation.

libgnutls-openssl27: GNU TLS library - OpenSSL wrapper

 GnuTLS is a portable library which implements the Transport Layer
 Security (TLS 1.0, 1.1, 1.2) and Secure Sockets Layer (SSL) 3.0 and Datagram
 Transport Layer Security (DTLS 1.0, 1.2) protocols.
 .
 GnuTLS features support for:
  - TLS extensions: server name indication, max record size, opaque PRF
    input, etc.
  - authentication using the SRP protocol.
  - authentication using both X.509 certificates and OpenPGP keys.
  - TLS Pre-Shared-Keys (PSK) extension.
  - Inner Application (TLS/IA) extension.
  - X.509 and OpenPGP certificate handling.
  - X.509 Proxy Certificates (RFC 3820).
  - all the strong encryption algorithms (including SHA-256/384/512 and
    Camellia (RFC 4132)).
 .
 This package contains the runtime library of the GnuTLS OpenSSL wrapper.

libgnutls-openssl27-dbgsym: debug symbols for package libgnutls-openssl27

 GnuTLS is a portable library which implements the Transport Layer
 Security (TLS 1.0, 1.1, 1.2) and Secure Sockets Layer (SSL) 3.0 and Datagram
 Transport Layer Security (DTLS 1.0, 1.2) protocols.
 .
 GnuTLS features support for:
  - TLS extensions: server name indication, max record size, opaque PRF
    input, etc.
  - authentication using the SRP protocol.
  - authentication using both X.509 certificates and OpenPGP keys.
  - TLS Pre-Shared-Keys (PSK) extension.
  - Inner Application (TLS/IA) extension.
  - X.509 and OpenPGP certificate handling.
  - X.509 Proxy Certificates (RFC 3820).
  - all the strong encryption algorithms (including SHA-256/384/512 and
    Camellia (RFC 4132)).
 .
 This package contains the runtime library of the GnuTLS OpenSSL wrapper.

libgnutls28-dev: GNU TLS library - development files

 GnuTLS is a portable library which implements the Transport Layer
 Security (TLS 1.0, 1.1, 1.2) and Secure Sockets Layer (SSL) 3.0 and Datagram
 Transport Layer Security (DTLS 1.0, 1.2) protocols.
 .
 GnuTLS features support for:
  - TLS extensions: server name indication, max record size, opaque PRF
    input, etc.
  - authentication using the SRP protocol.
  - authentication using both X.509 certificates and OpenPGP keys.
  - TLS Pre-Shared-Keys (PSK) extension.
  - Inner Application (TLS/IA) extension.
  - X.509 and OpenPGP certificate handling.
  - X.509 Proxy Certificates (RFC 3820).
  - all the strong encryption algorithms (including SHA-256/384/512 and
    Camellia (RFC 4132)).
 .
 This package contains the GnuTLS development files.

libgnutls30: GNU TLS library - main runtime library

 GnuTLS is a portable library which implements the Transport Layer
 Security (TLS 1.0, 1.1, 1.2) and Secure Sockets Layer (SSL) 3.0 and Datagram
 Transport Layer Security (DTLS 1.0, 1.2) protocols.
 .
 GnuTLS features support for:
  - TLS extensions: server name indication, max record size, opaque PRF
    input, etc.
  - authentication using the SRP protocol.
  - authentication using both X.509 certificates and OpenPGP keys.
  - TLS Pre-Shared-Keys (PSK) extension.
  - Inner Application (TLS/IA) extension.
  - X.509 and OpenPGP certificate handling.
  - X.509 Proxy Certificates (RFC 3820).
  - all the strong encryption algorithms (including SHA-256/384/512 and
    Camellia (RFC 4132)).
 .
 This package contains the main runtime library.

libgnutls30-dbgsym: debug symbols for package libgnutls30

 GnuTLS is a portable library which implements the Transport Layer
 Security (TLS 1.0, 1.1, 1.2) and Secure Sockets Layer (SSL) 3.0 and Datagram
 Transport Layer Security (DTLS 1.0, 1.2) protocols.
 .
 GnuTLS features support for:
  - TLS extensions: server name indication, max record size, opaque PRF
    input, etc.
  - authentication using the SRP protocol.
  - authentication using both X.509 certificates and OpenPGP keys.
  - TLS Pre-Shared-Keys (PSK) extension.
  - Inner Application (TLS/IA) extension.
  - X.509 and OpenPGP certificate handling.
  - X.509 Proxy Certificates (RFC 3820).
  - all the strong encryption algorithms (including SHA-256/384/512 and
    Camellia (RFC 4132)).
 .
 This package contains the main runtime library.

libgnutlsxx28: GNU TLS library - C++ runtime library

 GnuTLS is a portable library which implements the Transport Layer
 Security (TLS 1.0, 1.1, 1.2) and Secure Sockets Layer (SSL) 3.0 and Datagram
 Transport Layer Security (DTLS 1.0, 1.2) protocols.
 .
 GnuTLS features support for:
  - TLS extensions: server name indication, max record size, opaque PRF
    input, etc.
  - authentication using the SRP protocol.
  - authentication using both X.509 certificates and OpenPGP keys.
  - TLS Pre-Shared-Keys (PSK) extension.
  - Inner Application (TLS/IA) extension.
  - X.509 and OpenPGP certificate handling.
  - X.509 Proxy Certificates (RFC 3820).
  - all the strong encryption algorithms (including SHA-256/384/512 and
    Camellia (RFC 4132)).
 .
 This package contains the C++ runtime libraries.

libgnutlsxx28-dbgsym: debug symbols for package libgnutlsxx28

 GnuTLS is a portable library which implements the Transport Layer
 Security (TLS 1.0, 1.1, 1.2) and Secure Sockets Layer (SSL) 3.0 and Datagram
 Transport Layer Security (DTLS 1.0, 1.2) protocols.
 .
 GnuTLS features support for:
  - TLS extensions: server name indication, max record size, opaque PRF
    input, etc.
  - authentication using the SRP protocol.
  - authentication using both X.509 certificates and OpenPGP keys.
  - TLS Pre-Shared-Keys (PSK) extension.
  - Inner Application (TLS/IA) extension.
  - X.509 and OpenPGP certificate handling.
  - X.509 Proxy Certificates (RFC 3820).
  - all the strong encryption algorithms (including SHA-256/384/512 and
    Camellia (RFC 4132)).
 .
 This package contains the C++ runtime libraries.