Change log for mbedtls package in Ubuntu

Published in oracular-release
Published in noble-release
Deleted in noble-proposed (Reason: Moved to noble)
mbedtls (2.28.8-1) unstable; urgency=medium

  * New upstream version 2.28.8
  * d/libmbedtls-dev.install: install new pkg-config files (Closes: #900015)
  * d/.symbols: add new PSA symbols

 -- Andrea Pappacoda <email address hidden>  Sun, 31 Mar 2024 20:02:32 +0200

Superseded in noble-proposed
mbedtls (2.28.7-1.1ubuntu2) noble; urgency=medium

  * No-change rebuild for CVE-2024-3094

 -- Steve Langasek <email address hidden>  Sun, 31 Mar 2024 02:33:22 +0000
Superseded in noble-release
Deleted in noble-proposed (Reason: Moved to noble)
mbedtls (2.28.7-1.1ubuntu1) noble; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - Fix ppc64el build failure with upstream-proposed patch

Deleted in noble-updates (Reason: superseded by release)
Superseded in noble-release
Deleted in noble-proposed (Reason: Moved to noble)
mbedtls (2.28.7-1ubuntu1) noble; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - Fix ppc64el build failure with upstream-proposed patch

 -- Gianfranco Costamagna <email address hidden>  Mon, 29 Jan 2024 09:06:50 +0100
Superseded in noble-proposed
mbedtls (2.28.7-1) unstable; urgency=medium

  * New upstream version 2.28.7
    - Fixes CVE-2024-23170
    - Fixes CVE-2024-23775
  * d/libmbedcrypto7.symbols: add new MPI symbols

 -- Andrea Pappacoda <email address hidden>  Sat, 27 Jan 2024 13:12:37 +0100
Superseded in noble-release
Deleted in noble-proposed (Reason: Moved to noble)
mbedtls (2.28.6-1ubuntu1) noble; urgency=medium

  * Fix ppc64el build failure with upstream-proposed patch

 -- Gianfranco Costamagna <email address hidden>  Wed, 27 Dec 2023 16:18:21 +0100
Superseded in noble-proposed
mbedtls (2.28.6-1) unstable; urgency=medium

  * New upstream version 2.28.6
  * d/copyright: now available under Apache-2.0 or GPL-2+
  * d/copyright: update debian/ copyright information

 -- Andrea Pappacoda <email address hidden>  Mon, 20 Nov 2023 09:34:09 +0100

Superseded in noble-proposed
mbedtls (2.28.5-1) unstable; urgency=medium

  * Team upload.
  * debian/control: Update URL to use team's git
  * New upstream version 2.28.5
  * debian/libmbedcrypto7.symbols: Fix symbols for lintian

 -- Philippe Coval <email address hidden>  Wed, 11 Oct 2023 19:57:04 +0200
Superseded in noble-release
Published in mantic-release
Deleted in mantic-proposed (Reason: Moved to mantic)
mbedtls (2.28.3-1) unstable; urgency=medium

  * New upstream version 2.28.3
    We are now in the bookworm hard freeze, but I still think that releasing
    this now is sensible. Importing new upstream LTS releases is the only way
    of properly backporting mbedtls' security fixes, so this release should be
    ported to bookworm, sooner or later.
  * d/{control,rules}: honour nocheck and nodoc profiles

 -- Andrea Pappacoda <email address hidden>  Wed, 29 Mar 2023 21:39:41 +0200

Superseded in mantic-release
Published in lunar-release
Deleted in lunar-proposed (Reason: Moved to lunar)
mbedtls (2.28.2-1) unstable; urgency=medium

  * New upstream version 2.28.2
  * d/rules: remove .map files from libmbedtls-doc.
    Thanks to Dennis Filder for reporting

 -- Andrea Pappacoda <email address hidden>  Thu, 15 Dec 2022 22:02:03 +0100

Superseded in lunar-release
Obsolete in kinetic-release
Deleted in kinetic-proposed (Reason: Moved to kinetic)
mbedtls (2.28.1-1) unstable; urgency=medium

  * New upstream version 2.28.1
    - Fixes CVE-2022-35409
  * d/libmbedtls14.symbols: add mbedtls_ssl_check_curve_tls_id

 -- Andrea Pappacoda <email address hidden>  Tue, 12 Jul 2022 22:58:03 +0200

Superseded in kinetic-release
Deleted in kinetic-proposed (Reason: Moved to kinetic)
mbedtls (2.28.0-2) unstable; urgency=medium

  * d/copyright: add Upstream-Contact
  * Update upstream Git repository URL
  * Fix build reproducibility
  * Fix cross compilation
  * CVE-2021-43666 fixed in 2.28.0

 -- Andrea Pappacoda <email address hidden>  Sun, 03 Apr 2022 12:22:05 +0200
Superseded in kinetic-release
Published in jammy-release
Deleted in jammy-proposed (Reason: Moved to jammy)
mbedtls (2.28.0-1build1) jammy; urgency=medium

  * No change rebuild

 -- Bryce Harrington <email address hidden>  Tue, 29 Mar 2022 22:17:25 +0000
Superseded in jammy-release
Deleted in jammy-proposed (Reason: Moved to jammy)
mbedtls (2.28.0-1) unstable; urgency=medium

  * Upload version 2.28 to unstable
  * d/control: set myself as the Maintainer. Closes: #1004647
  * d/rules: make builds reproducible

 -- Andrea Pappacoda <email address hidden>  Wed, 16 Feb 2022 11:52:38 +0100

Superseded in jammy-release
Deleted in jammy-proposed (Reason: Moved to jammy)
mbedtls (2.16.11-0.3) unstable; urgency=medium

  * Non-maintainer upload
  * Drop CMAC support as it breaks ABI compat. Closes #1000289
    - Updated libmbedcrypto3.symbols
  * CVE-2021-24119 fixed in 2.16.10

 -- Andrea Pappacoda <email address hidden>  Fri, 26 Nov 2021 16:53:38 +0100
Superseded in jammy-proposed
mbedtls (2.16.11-0.2) unstable; urgency=medium

  * Non-maintainer upload.
  [ Steve Langasek ]
  * Make autopkgtests cross-test-friendly (Closes: #953143).

 -- Gianfranco Costamagna <email address hidden>  Sat, 20 Nov 2021 22:30:00 +0100
Superseded in jammy-release
Deleted in jammy-proposed (Reason: Moved to jammy)
mbedtls (2.16.11-0.1ubuntu1) jammy; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - Make autopkgtests cross-test-friendly.

Superseded in jammy-release
Obsolete in impish-release
Obsolete in hirsute-release
Deleted in hirsute-proposed (Reason: moved to Release)
mbedtls (2.16.9-0.1ubuntu1) hirsute; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - Make autopkgtests cross-test-friendly.

 -- Gianfranco Costamagna <email address hidden>  Thu, 31 Dec 2020 22:23:09 +0100
Superseded in hirsute-release
Obsolete in groovy-release
Deleted in groovy-proposed (Reason: moved to Release)
mbedtls (2.16.5-1ubuntu1) groovy; urgency=low

  * Merge from Debian unstable.  Remaining changes:
    - Make autopkgtests cross-test-friendly.

Superseded in groovy-release
Published in focal-release
Deleted in focal-proposed (Reason: moved to Release)
mbedtls (2.16.4-1ubuntu2) focal; urgency=medium

  * Also adjust the autopkgtests so they are actually testing the libraries
    for the target arch.

 -- Steve Langasek <email address hidden>  Wed, 04 Mar 2020 22:32:48 -0800
Superseded in focal-proposed
mbedtls (2.16.4-1ubuntu1) focal; urgency=medium

  * Make autopkgtests cross-test-friendly.

 -- Steve Langasek <email address hidden>  Wed, 04 Mar 2020 22:04:36 -0800

Superseded in focal-proposed
mbedtls (2.16.4-1build1) focal; urgency=medium

  * No-change rebuild with fixed binutils on arm64.

 -- Matthias Klose <email address hidden>  Sat, 08 Feb 2020 11:29:46 +0000
Published in xenial-updates
Published in xenial-security
mbedtls (2.2.1-2ubuntu0.3) xenial-security; urgency=medium

  * SECURITY UPDATE: Buffer overflows and sensitive information disclosures
    - debian/patches/CVE-2017-18187.patch: Prevent bounds check bypass through
      overflow in PSK identity.
    - debian/patches/CVE-2018-0487.patch: RSA: Fix buffer overflow in PSS
      signature verification.
    - debian/patches/CVE-2018-0488-1.patch: Fix heap corruption in
      ssl_decrypt_buf.
    - debian/patches/CVE-2018-0488-2.patch: Fix SSLv3 MAC computation.
    - debian/patches/CVE-2018-0497.patch: Fix Lucky13 attack protection when
      using HMAC-SHA-384.
    - debian/patches/CVE-2018-0498-1.patch: Fix Lucky13 cache attack on
      MD/SHA padding.
    - debian/patches/CVE-2018-0498-2.patch: Add counter-measure to cache-based
      Lucky 13.
    - debian/patches/CVE-2018-0498-3.patch: Avoid debug message that might
      leak length.
    - CVE-2017-18187
    - CVE-2018-0487
    - CVE-2018-0488
    - CVE-2018-0497
    - CVE-2018-0498
  * SECURITY UPDATE: Update some certificates for the tests
    - debian/patches/regenerate-test-files.patch: Regenerate test files from
      recent version.

 -- Paulo Flabiano Smorigo <email address hidden>  Tue, 04 Feb 2020 12:56:35 +0000
Superseded in focal-proposed
mbedtls (2.16.4-1) unstable; urgency=medium

  * New upstream release.
    - Fixes CVE-2019-18222 - Side channel attack on ECDSA.

  * d/control: Bump standards version to 4.5.0.
  * d/libmbedcrypto3.symbols: Add new mbedtls_mpi_lt_mpi_ct symbol.

 -- James Cowgill <email address hidden>  Tue, 28 Jan 2020 23:38:13 +0000

Superseded in focal-release
Deleted in focal-proposed (Reason: moved to Release)
mbedtls (2.16.3-1) unstable; urgency=medium

  * New upstream release.
    - Fixes CVE-2019-16910 - Side channel attack on deterministic
      ECDSA. (Closes: #941265)

  * d/libmbedcrypto3.symbols:
    - Add new mbedtls_ecdsa_sign_det_ext symbol.

 -- James Cowgill <email address hidden>  Sat, 28 Sep 2019 21:39:18 +0100

Superseded in focal-release
Obsolete in eoan-release
Deleted in eoan-proposed (Reason: moved to release)
mbedtls (2.16.2-1) unstable; urgency=medium

  * New upstream release.

  * d/control: Use debhelper compat 12.
  * d/libmbedx509-0.symbols: Add new test symbols.
  * d/not-installed: Add file listing mbedTLS programs.

 -- James Cowgill <email address hidden>  Mon, 15 Jul 2019 23:18:37 +0100

Superseded in eoan-release
Obsolete in disco-release
Deleted in disco-proposed (Reason: moved to release)
mbedtls (2.16.0-1) unstable; urgency=medium

  * New upstream release.

  * d/control: Bump standards to 4.3.0.
  * d/libmbedcrypto3.symbols, d/libmbedtls12.symbols:
    - Add new symbols found in 2.16.

 -- James Cowgill <email address hidden>  Tue, 08 Jan 2019 09:25:34 +0000

Superseded in disco-release
Deleted in disco-proposed (Reason: moved to release)
mbedtls (2.14.1-2) unstable; urgency=medium

  [ Aurelien Jarno ]
  * bn_mul.h: require at least ARMv6 to enable the ARM DSP code.
    - Fixes FTBFS on armel.

 -- James Cowgill <email address hidden>  Fri, 07 Dec 2018 20:01:11 +0000

Superseded in disco-release
Deleted in disco-proposed (Reason: moved to release)
mbedtls (2.14.1-1) unstable; urgency=high

  * New upstream release.
    - Fixes CVE-2018-19608 - Local timing attack on RSA decryption.
      (Closes: #915796)

  * d/libmbedcrypto3.symbols, d/libmbedx509-0.symbols:
    - Add new symbols found in 2.14.1.

 -- James Cowgill <email address hidden>  Fri, 07 Dec 2018 10:24:44 +0000

Superseded in disco-release
Deleted in disco-proposed (Reason: moved to release)
mbedtls (2.13.0-3) unstable; urgency=medium

  * Upload to unstable.

 -- James Cowgill <email address hidden>  Thu, 04 Oct 2018 18:06:06 +0100

Superseded in disco-release
Obsolete in cosmic-release
Deleted in cosmic-proposed (Reason: moved to release)
mbedtls (2.12.0-1) unstable; urgency=medium

  * New upstream release.
    - Fixes CVE-2018-0497 and CVE-2018-0498. (Closes: #904821)

  * debian/control: Bump standards version to 4.1.5.
  * debian/patches: Refresh patches.
  * debian/libmbedcrypto1.symbols:
    - Add new symbols.
    - Remove the internal mbedtls_threading_gmtime_mutex symbol.

 -- James Cowgill <email address hidden>  Sat, 28 Jul 2018 21:38:20 +0800

Superseded in cosmic-release
Deleted in cosmic-proposed (Reason: moved to release)
mbedtls (2.11.0-1) unstable; urgency=medium

  * New upstream release.

  * debian/control:
    - Require all 3 mbedtls libraries to be the same version.
  * debian/patches:
    - Refresh 01_config.patch.
    - Update SOVERSION patch to revert changes from 2.11.0.
  * debian/*.symbols:
    - Add new public symbols in 2.11.
    - Update internal symbol versions.

 -- James Cowgill <email address hidden>  Tue, 10 Jul 2018 20:43:19 +0100

Superseded in cosmic-release
Deleted in cosmic-proposed (Reason: moved to release)
mbedtls (2.9.0-2) unstable; urgency=medium

  * Upload to unstable.
  * Revert libmbedcrypto ABI bump.
    - Add patch to revert upstream SOVERSION bump.
    - Revert package rename in 2.9.0-1.

 -- James Cowgill <email address hidden>  Sun, 27 May 2018 14:38:38 +0100

Superseded in cosmic-release
Published in bionic-release
Deleted in bionic-proposed (Reason: moved to release)
mbedtls (2.8.0-1) unstable; urgency=medium

  * New upstream release.

  * debian/control:
    - Bump standards version to 4.1.4.
    - Set Rules-Requires-Root: no.
  * debian/libmbedcrypto1.symbols:
    - Add new symbols in 2.8.
  * debian/patches:
    - Refresh config patch.
    - Drop 02_dhm-Fix-typo-in-RFC-5114-constants.patch - applied upstream.
  * debian/rules:
    - Use /usr/share/dpkg/architecture.mk to get DEB_HOST_MULTIARCH.
    - Clean apidoc directory using debian/clean file.

 -- James Cowgill <email address hidden>  Mon, 09 Apr 2018 21:06:36 +0100

Superseded in bionic-release
Deleted in bionic-proposed (Reason: moved to release)
mbedtls (2.7.0-2) unstable; urgency=medium

  * Upload to unstable.
  * debian/patches/02_dhm-Fix-typo-in-RFC-5114-constants.patch:
    - Add patch to fix typo in RFC 5114 constants.

 -- James Cowgill <email address hidden>  Thu, 15 Feb 2018 18:32:16 +0000

Superseded in xenial-updates
Superseded in xenial-security
mbedtls (2.2.1-2ubuntu0.2) xenial-security; urgency=medium

  * SECURITY UPDATE: If optional authentication is configured, allows
    remote attackers to bypass peer authentication via an X.509 certificate
    chain with many intermediates. (LP: #1714640)
    - debian/patches/CVE-2017-14032.patch, backport two upstream patches to
      return and handle a new "fatal error" error code in case of long
      certificate chains.
    - CVE-2017-14032

 -- James Cowgill <email address hidden>  Wed, 06 Sep 2017 21:00:51 +0100
Obsolete in zesty-updates
Obsolete in zesty-security
mbedtls (2.4.2-1ubuntu0.1) zesty-security; urgency=medium

  * SECURITY UPDATE: If optional authentication is configured, allows
    remote attackers to bypass peer authentication via an X.509 certificate
    chain with many intermediates. (LP: #1714640)
    - debian/patches/CVE-2017-14032.patch, backport two upstream patches to
      return and handle a new "fatal error" error code in case of long
      certificate chains.
    - CVE-2017-14032

 -- James Cowgill <email address hidden>  Wed, 06 Sep 2017 21:03:02 +0100
Superseded in bionic-release
Obsolete in artful-release
Deleted in artful-proposed (Reason: moved to release)
mbedtls (2.5.1-1ubuntu1) artful; urgency=medium

  * SECURITY UPDATE: If optional authentication is configured, allows
    remote attackers to bypass peer authentication via an X.509 certificate
    chain with many intermediates. (LP: #1714640)
    - debian/patches/CVE-2017-14032.patch, backport two upstream patches to
      return and handle a new "fatal error" error code in case of long
      certificate chains.
    - CVE-2017-14032

 -- James Cowgill <email address hidden>  Wed, 06 Sep 2017 21:11:46 -0500
Superseded in bionic-release
Deleted in bionic-proposed (Reason: moved to release)
mbedtls (2.6.0-1) unstable; urgency=high

  * New upstream version.
    - Fixes possible authentication bypass if a peer supplies a certificate
      chain with more than 8 intermediates. (Closes: #873557)

  * debian/copyright:
    - Update copyright dates.
    - Use https Format URL.
  * debian/control:
    - Bump standards to 4.1.0 (no changes required).
    - Use debhelper compat 10.
  * debian/libmbedcrypto0.symbols:
    - Add new symbols from 2.6.0.
  * debian/patches:
    - Refresh config patch.
    - Drop all stubs patches - upstream reverted the ABI breakage.

 -- James Cowgill <email address hidden>  Tue, 29 Aug 2017 16:09:30 +0100
Superseded in artful-release
Deleted in artful-proposed (Reason: moved to release)
mbedtls (2.5.1-1) unstable; urgency=medium

  * New upstream version.

  * debian/control:
    - Bump standards to 4.0.0 (no changes required).
  * debian/patches:
    - Refresh config patch.
    - Add patches to maintain the ABI.
  * debian/rules:
    - Enable static library build. (Closes: #860302)
    - Pass upstream release date to faketime instead of a fixed date.
  * debian/*.symbols:
    - Add new symbols from mbedTLS 2.5.
  * debian/tests:
    - Test static library in autopkgtests.

 -- James Cowgill <email address hidden>  Thu, 22 Jun 2017 11:30:56 +0100

Obsolete in yakkety-updates
Obsolete in yakkety-security
mbedtls (2.3.0-1ubuntu0.1) yakkety-security; urgency=medium

  * SECURITY UPDATE: Freeing of memory allocated on stack when validating
    a public key with a secp224k1 curve. (LP: #1672686)
    - debian/patches/CVE-2017-2784.patch: fix buffer size calculations in
      library/ecp_curves.c.
    - CVE-2017-2784

 -- James Cowgill <email address hidden>  Fri, 17 Mar 2017 09:43:46 +0000
Superseded in xenial-updates
Superseded in xenial-security
mbedtls (2.2.1-2ubuntu0.1) xenial-security; urgency=medium

  * SECURITY UPDATE: Freeing of memory allocated on stack when validating
    a public key with a secp224k1 curve. (LP: #1672686)
    - debian/patches/CVE-2017-2784.patch: fix buffer size calculations in
      library/ecp_curves.c.
    - CVE-2017-2784

 -- James Cowgill <email address hidden>  Fri, 17 Mar 2017 09:36:37 +0000
Superseded in artful-release
Obsolete in zesty-release
Deleted in zesty-proposed (Reason: moved to release)
mbedtls (2.4.2-1) unstable; urgency=high

  * New upstream version.
    - Fixes CVE-2017-2784 - freeing of memory allocated on the stack when
      validating a public key with a secp224k1 curve. (Closes: #857560)

  * debian/rules:
    - Run testsuite inside faketime to prevent it suddenly failing in the
      future. Thanks Niels Thykier!

 -- James Cowgill <email address hidden>  Tue, 14 Mar 2017 10:54:33 +0000

Superseded in zesty-release
Deleted in zesty-proposed (Reason: moved to release)
mbedtls (2.4.0-1) unstable; urgency=medium

  * New upstream version.

  * debian/control:
    - Mark libmbedtls-doc multi-arch foreign.
  * debian/libmbedtls10.symbols:
    - Add new symbols found in 2.4.
  * debian/patches:
    - Drop 02_ssl_time_t.patch - alternate fix applied upstream.
    - Refresh 01_config.patch.

 -- James Cowgill <email address hidden>  Tue, 18 Oct 2016 20:16:37 +0100

Superseded in zesty-release
Obsolete in yakkety-release
Deleted in yakkety-proposed (Reason: moved to release)
mbedtls (2.3.0-1) unstable; urgency=medium

  * New upstream version.

  * debian/copyright:
    - Update dates and my email address.
  * debian/patches:
    - Refresh 01_config.patch.
    - Drop 02_x32.patch -- applied upstream.
    - Add 02_ssl_time_t.patch. Fixes compile error when including
      mbedtls/ssl.h.

 -- James Cowgill <email address hidden>  Tue, 28 Jun 2016 18:11:54 +0100

Superseded in yakkety-release
Deleted in yakkety-proposed (Reason: moved to release)
mbedtls (2.2.1-3) unstable; urgency=medium

  * debian/control:
    - Use my debian.org email address.
    - Bump standards to 3.9.8 (no changes).
  * debian/patches:
    - Add 02_x32.patch to fix FTBFS on x32.
  * debian/rules:
    - Enable all hardening options.

 -- James Cowgill <email address hidden>  Wed, 18 May 2016 17:21:39 +0100

Superseded in yakkety-release
Published in xenial-release
Deleted in xenial-proposed (Reason: moved to release)
mbedtls (2.2.1-2) unstable; urgency=medium

  * debian/control:
    - Use secure Vcs-Git URL.
  * debian/libmbedcrypto0.lintian-override:
    - Drop now that lintian itself has been fixed.
  * debian/rules:
    - Don't build arch:any packages in arch:all build.
  * debian/*.symbols:
    - Drop unnecessary patch level from symbol file versions.
  * debian/tests:
    - Add an autopkgtest which compiles and runs the selftest program.

 -- James Cowgill <email address hidden>  Sat, 16 Jan 2016 00:12:49 +0000

Superseded in xenial-release
Deleted in xenial-proposed (Reason: moved to release)
mbedtls (2.2.1-1) unstable; urgency=medium

  * New upstream version.

 -- James Cowgill <email address hidden>  Tue, 05 Jan 2016 13:15:33 +0000

Superseded in xenial-release
Deleted in xenial-proposed (Reason: moved to release)
mbedtls (2.2.0-1) unstable; urgency=medium

  * New upstream version.

  * debian/changelog:
    - Include changelog entries from the polarssl package.
  * debian/*.symbols:
    - Add new symbols introduced in 2.2.
  * debian/rules:
    - Don't build documentation in binary-only builds.

 -- James Cowgill <email address hidden>  Tue, 15 Dec 2015 14:43:09 +0000

Superseded in xenial-release
Deleted in xenial-proposed (Reason: moved to release)
mbedtls (2.1.2-1) unstable; urgency=medium

  * Initial release. (Closes: #801420)

 -- James Cowgill <email address hidden>  Fri, 16 Oct 2015 12:55:27 +0100