Author: Ubuntu Git Importer
Author Date: 2020-04-27 21:04:49 UTC

DSC file for 6.8.0.105+dfsg-3

Author: Ubuntu Git Importer
Author Date: 2020-04-08 22:46:04 UTC

DSC file for 6.8.0.105+dfsg-3

Author: Jo Shields
Author Date: 2020-04-08 09:11:12 UTC

Import patches-applied version 6.8.0.105+dfsg-3 to applied/debian/sid

Imported using git-ubuntu import.

Changelog parent: 82af64314907b3e664da076c1c6e3bf771288eb7
Unapplied parent: 236542be90eded9d0a0af530227ae82f04df1a8c

New changelog entries:
  * [2501df4] Workaround for gacutil System.Native mapping dependency
    (Closes: #954635)

Author: Jo Shields
Author Date: 2020-04-08 09:11:12 UTC

Import patches-unapplied version 6.8.0.105+dfsg-3 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 2428053c6ee85186d50e3f8b1789ac4ccc945fdc

New changelog entries:
  * [2501df4] Workaround for gacutil System.Native mapping dependency
    (Closes: #954635)

Author: Jo Shields
Author Date: 2020-04-08 09:11:12 UTC

Import patches-unapplied version 6.8.0.105+dfsg-3 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 2428053c6ee85186d50e3f8b1789ac4ccc945fdc

New changelog entries:
  * [2501df4] Workaround for gacutil System.Native mapping dependency
    (Closes: #954635)

Author: Jo Shields
Author Date: 2020-04-08 09:11:12 UTC

Import patches-unapplied version 6.8.0.105+dfsg-3 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 2428053c6ee85186d50e3f8b1789ac4ccc945fdc

New changelog entries:
  * [2501df4] Workaround for gacutil System.Native mapping dependency
    (Closes: #954635)

Author: Jo Shields
Author Date: 2020-04-08 09:11:12 UTC

Import patches-unapplied version 6.8.0.105+dfsg-3 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 2428053c6ee85186d50e3f8b1789ac4ccc945fdc

New changelog entries:
  * [2501df4] Workaround for gacutil System.Native mapping dependency
    (Closes: #954635)

Author: Jo Shields
Author Date: 2020-04-08 09:11:12 UTC

Import patches-unapplied version 6.8.0.105+dfsg-3 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 2428053c6ee85186d50e3f8b1789ac4ccc945fdc

New changelog entries:
  * [2501df4] Workaround for gacutil System.Native mapping dependency
    (Closes: #954635)

Author: Jo Shields
Author Date: 2020-02-25 16:38:55 UTC

Import patches-unapplied version 6.8.0.105+dfsg-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 3e8797f4df10afd063c9fc2a7f1354b721e843e1

New changelog entries:
  [ Bernhard Urban-Forster ]
  * [d926125] delete leftover code from pre-monoctx area (#18072)
    Also update assert which doesn't make sense since we have moved over
    to MonoContext
    Some context: e7011c780f676914f559f14f25e76c192bb2b0b2
    Fixes: https://github.com/mono/mono/issues/18064
  [ Jo Shields ]
  * [35fc7f0] Add support for GSSAPI

Author: Jo Shields
Author Date: 2020-02-25 16:38:55 UTC

Import patches-unapplied version 6.8.0.105+dfsg-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 3e8797f4df10afd063c9fc2a7f1354b721e843e1

New changelog entries:
  [ Bernhard Urban-Forster ]
  * [d926125] delete leftover code from pre-monoctx area (#18072)
    Also update assert which doesn't make sense since we have moved over
    to MonoContext
    Some context: e7011c780f676914f559f14f25e76c192bb2b0b2
    Fixes: https://github.com/mono/mono/issues/18064
  [ Jo Shields ]
  * [35fc7f0] Add support for GSSAPI

Author: Jo Shields
Author Date: 2020-02-25 16:38:55 UTC

Import patches-unapplied version 6.8.0.105+dfsg-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 3e8797f4df10afd063c9fc2a7f1354b721e843e1

New changelog entries:
  [ Bernhard Urban-Forster ]
  * [d926125] delete leftover code from pre-monoctx area (#18072)
    Also update assert which doesn't make sense since we have moved over
    to MonoContext
    Some context: e7011c780f676914f559f14f25e76c192bb2b0b2
    Fixes: https://github.com/mono/mono/issues/18064
  [ Jo Shields ]
  * [35fc7f0] Add support for GSSAPI

Author: Jo Shields
Author Date: 2019-09-10 13:09:48 UTC

Import patches-unapplied version 5.18.0.240+dfsg-5 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 7ac7d357e79237584caaf110370453aa078a4516

New changelog entries:
  * [cd49e97] Missed one (Closes: #939923)

Author: Jo Shields
Author Date: 2019-09-10 13:09:48 UTC

Import patches-unapplied version 5.18.0.240+dfsg-5 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 7ac7d357e79237584caaf110370453aa078a4516

New changelog entries:
  * [cd49e97] Missed one (Closes: #939923)

Author: Dimitri John Ledkov
Author Date: 2019-04-17 21:30:39 UTC

Import patches-unapplied version 5.18.0.240+dfsg-2ubuntu2 to ubuntu/disco-proposed

Imported using git-ubuntu import.

Changelog parent: 776f0f47fca751c3ab0275533df39f39eba59b4d

New changelog entries:
  * Disable pie on s390x.

Author: Dimitri John Ledkov
Author Date: 2019-04-17 21:30:39 UTC

Import patches-unapplied version 5.18.0.240+dfsg-2ubuntu2 to ubuntu/disco-proposed

Imported using git-ubuntu import.

Changelog parent: 776f0f47fca751c3ab0275533df39f39eba59b4d

New changelog entries:
  * Disable pie on s390x.

Author: Dimitri John Ledkov
Author Date: 2019-04-17 21:30:39 UTC

Import patches-unapplied version 5.18.0.240+dfsg-2ubuntu2 to ubuntu/disco-proposed

Imported using git-ubuntu import.

Changelog parent: 776f0f47fca751c3ab0275533df39f39eba59b4d

New changelog entries:
  * Disable pie on s390x.

Author: Jo Shields
Author Date: 2019-04-16 19:41:50 UTC

Import patches-applied version 5.18.0.240+dfsg-3 to applied/debian/sid

Imported using git-ubuntu import.

Changelog parent: ab56f9ce18eabadffc19996daa64d37d8ecf450c
Unapplied parent: 3b6c01b0bd50bb6dc4bb9d9e3928ec9578a10d66

New changelog entries:
  [ Jo Shields ]
  * [20a7dd0] Don't build docs on s390x, to work around a dumb issue
  [ Neale Ferguson ]
  * [3713407] Fix s390x Outarg_VT (#10632)
    * Fix outarg_vt processing. Fixes #10549
    * Cleanup unused bits and pieces
    * Correct the handling of structures being retuned from a call
    * Restore vtcopy code etc.
    (Closes: #921232)

Author: Jo Shields
Author Date: 2019-04-16 19:41:50 UTC

Import patches-unapplied version 5.18.0.240+dfsg-3 to debian/sid

Imported using git-ubuntu import.

Changelog parent: a33ef0fbda44c70baf373a57cb38ae0c1f60e4a4

New changelog entries:
  [ Jo Shields ]
  * [20a7dd0] Don't build docs on s390x, to work around a dumb issue
  [ Neale Ferguson ]
  * [3713407] Fix s390x Outarg_VT (#10632)
    * Fix outarg_vt processing. Fixes #10549
    * Cleanup unused bits and pieces
    * Correct the handling of structures being retuned from a call
    * Restore vtcopy code etc.
    (Closes: #921232)

Author: Jo Shields
Author Date: 2019-04-16 19:41:50 UTC

Import patches-unapplied version 5.18.0.240+dfsg-3 to debian/sid

Imported using git-ubuntu import.

Changelog parent: a33ef0fbda44c70baf373a57cb38ae0c1f60e4a4

New changelog entries:
  [ Jo Shields ]
  * [20a7dd0] Don't build docs on s390x, to work around a dumb issue
  [ Neale Ferguson ]
  * [3713407] Fix s390x Outarg_VT (#10632)
    * Fix outarg_vt processing. Fixes #10549
    * Cleanup unused bits and pieces
    * Correct the handling of structures being retuned from a call
    * Restore vtcopy code etc.
    (Closes: #921232)

Author: Ubuntu Git Importer
Author Date: 2018-04-01 04:23:02 UTC

pristine-tar data for mono_4.6.2.7+dfsg.orig.tar.gz

Author: Ubuntu Git Importer
Author Date: 2018-03-31 22:08:56 UTC

pristine-tar data for mono_4.6.2.7+dfsg.orig.tar.gz

Author: Jeremy Bicha
Author Date: 2017-09-28 15:09:22 UTC

Import patches-unapplied version 4.6.2.7+dfsg-1ubuntu2 to ubuntu/artful-proposed

Imported using git-ubuntu import.

Changelog parent: 54e73d15f4e948a49976b52b46d54f7741088ee7

New changelog entries:
  * Drop obsolete monodoc-manual dependencies on packages that aren't
    available anymore (Closes: #877090)

Author: Jeremy Bicha
Author Date: 2017-09-28 15:09:22 UTC

Import patches-unapplied version 4.6.2.7+dfsg-1ubuntu2 to ubuntu/artful-proposed

Imported using git-ubuntu import.

Changelog parent: 54e73d15f4e948a49976b52b46d54f7741088ee7

New changelog entries:
  * Drop obsolete monodoc-manual dependencies on packages that aren't
    available anymore (Closes: #877090)

Author: Jeremy Bicha
Author Date: 2017-09-28 15:09:22 UTC

Import patches-unapplied version 4.6.2.7+dfsg-1ubuntu2 to ubuntu/artful-proposed

Imported using git-ubuntu import.

Changelog parent: 54e73d15f4e948a49976b52b46d54f7741088ee7

New changelog entries:
  * Drop obsolete monodoc-manual dependencies on packages that aren't
    available anymore (Closes: #877090)

Author: Jeremy Bicha
Author Date: 2017-09-28 15:09:22 UTC

Import patches-unapplied version 4.6.2.7+dfsg-1ubuntu2 to ubuntu/artful-proposed

Imported using git-ubuntu import.

Changelog parent: 54e73d15f4e948a49976b52b46d54f7741088ee7

New changelog entries:
  * Drop obsolete monodoc-manual dependencies on packages that aren't
    available anymore (Closes: #877090)

Author: Jeremy Bicha
Author Date: 2016-12-15 20:51:08 UTC

Import patches-unapplied version 4.6.2.7+dfsg-1ubuntu1 to ubuntu/zesty-proposed

Imported using git-ubuntu import.

Changelog parent: 54b50a19e763d9d7badaf8b3f8bec16d34843042

New changelog entries:
  * Sync with Debian. Remaining change:
    - Build with -O0 on s390x, as otherwise it fails to bootstrap.

Author: Jeremy Bicha
Author Date: 2016-12-15 20:51:08 UTC

Import patches-unapplied version 4.6.2.7+dfsg-1ubuntu1 to ubuntu/zesty-proposed

Imported using git-ubuntu import.

Changelog parent: 54b50a19e763d9d7badaf8b3f8bec16d34843042

New changelog entries:
  * Sync with Debian. Remaining change:
    - Build with -O0 on s390x, as otherwise it fails to bootstrap.

Author: Jeremy Bicha
Author Date: 2016-12-15 20:51:08 UTC

Import patches-unapplied version 4.6.2.7+dfsg-1ubuntu1 to ubuntu/zesty-proposed

Imported using git-ubuntu import.

Changelog parent: 54b50a19e763d9d7badaf8b3f8bec16d34843042

New changelog entries:
  * Sync with Debian. Remaining change:
    - Build with -O0 on s390x, as otherwise it fails to bootstrap.

Author: Jeremy Bicha
Author Date: 2016-12-15 20:51:08 UTC

Import patches-unapplied version 4.6.2.7+dfsg-1ubuntu1 to ubuntu/zesty-proposed

Imported using git-ubuntu import.

Changelog parent: 54b50a19e763d9d7badaf8b3f8bec16d34843042

New changelog entries:
  * Sync with Debian. Remaining change:
    - Build with -O0 on s390x, as otherwise it fails to bootstrap.

Author: Jeremy Bicha
Author Date: 2016-12-15 20:51:08 UTC

Import patches-unapplied version 4.6.2.7+dfsg-1ubuntu1 to ubuntu/zesty-proposed

Imported using git-ubuntu import.

Changelog parent: 54b50a19e763d9d7badaf8b3f8bec16d34843042

New changelog entries:
  * Sync with Debian. Remaining change:
    - Build with -O0 on s390x, as otherwise it fails to bootstrap.

Author: Jeremy Bicha
Author Date: 2016-12-15 20:51:08 UTC

Import patches-unapplied version 4.6.2.7+dfsg-1ubuntu1 to ubuntu/zesty-proposed

Imported using git-ubuntu import.

Changelog parent: 54b50a19e763d9d7badaf8b3f8bec16d34843042

New changelog entries:
  * Sync with Debian. Remaining change:
    - Build with -O0 on s390x, as otherwise it fails to bootstrap.

Author: Jeremy Bicha
Author Date: 2016-12-15 20:51:08 UTC

Import patches-unapplied version 4.6.2.7+dfsg-1ubuntu1 to ubuntu/zesty-proposed

Imported using git-ubuntu import.

Changelog parent: 54b50a19e763d9d7badaf8b3f8bec16d34843042

New changelog entries:
  * Sync with Debian. Remaining change:
    - Build with -O0 on s390x, as otherwise it fails to bootstrap.

Author: Jo Shields
Author Date: 2016-12-15 10:58:56 UTC

Import patches-applied version 4.6.2.7+dfsg-1 to applied/debian/sid

Imported using git-ubuntu import.

Changelog parent: 22cee8e9a17cec645f052bb57be3819c441dfce4
Unapplied parent: 5085f0eb7e62265f0837d216364ae610d152f6e0

New changelog entries:
  * [4274265] Another DEB_HOST_ARCH_OS / DEB_BUILD_ARCH_OS
  * [b96315e] Handle 4->3 part version numbering difference in get-orig-source
  * [64c42ea] dfsg2 -> dfsg for orig tarball
  * [41bc4a8] Imported Upstream version 4.6.2.7+dfsg

Author: Jo Shields
Author Date: 2016-12-15 10:58:56 UTC

Import patches-unapplied version 4.6.2.7+dfsg-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 00eeaf134a17f16bc626816be4688ea4575d613f

New changelog entries:
  * [4274265] Another DEB_HOST_ARCH_OS / DEB_BUILD_ARCH_OS
  * [b96315e] Handle 4->3 part version numbering difference in get-orig-source
  * [64c42ea] dfsg2 -> dfsg for orig tarball
  * [41bc4a8] Imported Upstream version 4.6.2.7+dfsg

Author: Matthias Klose
Author Date: 2016-04-12 13:28:35 UTC

Import patches-unapplied version 4.2.1.102+dfsg2-7ubuntu4 to ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: 4f39f5a358c98d4243504d84d237f58dfcadb94a

New changelog entries:
  * Fix libmono-2.0-1 package on arm64 (Jo Shields).
  * mono-archs.mk (DEB_MONO_ARCHS): Re-add powerpc.

Author: Matthias Klose
Author Date: 2016-04-12 13:28:35 UTC

Import patches-unapplied version 4.2.1.102+dfsg2-7ubuntu4 to ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: 4f39f5a358c98d4243504d84d237f58dfcadb94a

New changelog entries:
  * Fix libmono-2.0-1 package on arm64 (Jo Shields).
  * mono-archs.mk (DEB_MONO_ARCHS): Re-add powerpc.

Author: Matthias Klose
Author Date: 2016-04-12 13:28:35 UTC

Import patches-unapplied version 4.2.1.102+dfsg2-7ubuntu4 to ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: 4f39f5a358c98d4243504d84d237f58dfcadb94a

New changelog entries:
  * Fix libmono-2.0-1 package on arm64 (Jo Shields).
  * mono-archs.mk (DEB_MONO_ARCHS): Re-add powerpc.

Author: Matthias Klose
Author Date: 2016-04-12 13:28:35 UTC

Import patches-unapplied version 4.2.1.102+dfsg2-7ubuntu4 to ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: 4f39f5a358c98d4243504d84d237f58dfcadb94a

New changelog entries:
  * Fix libmono-2.0-1 package on arm64 (Jo Shields).
  * mono-archs.mk (DEB_MONO_ARCHS): Re-add powerpc.

Author: Matthias Klose
Author Date: 2016-04-12 13:28:35 UTC

Import patches-unapplied version 4.2.1.102+dfsg2-7ubuntu4 to ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: 4f39f5a358c98d4243504d84d237f58dfcadb94a

New changelog entries:
  * Fix libmono-2.0-1 package on arm64 (Jo Shields).
  * mono-archs.mk (DEB_MONO_ARCHS): Re-add powerpc.

Author: Jo Shields
Author Date: 2015-11-26 08:58:08 UTC

Import patches-applied version 4.2.1.102+dfsg2-3 to applied/debian/experimental

Imported using git-ubuntu import.

Changelog parent: e56db32c0d7c0eb13938f284cfc6342c413e4d19
Unapplied parent: 370b9b251240f18b5d388a6f078d5a349d26bb65

New changelog entries:
  * [17c35c4] Fix more .symbols errors

Author: Jo Shields
Author Date: 2015-11-26 08:58:08 UTC

Import patches-unapplied version 4.2.1.102+dfsg2-3 to debian/experimental

Imported using git-ubuntu import.

Changelog parent: 15dc49861d406f882d45282d1d7341d3def43314

New changelog entries:
  * [17c35c4] Fix more .symbols errors

Author: Jo Shields
Author Date: 2015-03-19 11:32:12 UTC

Import patches-applied version 2.10.8.1-8+deb7u1 to applied/debian/wheezy

Imported using git-ubuntu import.

Changelog parent: 3f879ca3375c8a427d72e1721bf143a8845ef131
Unapplied parent: f64b9ee71dbd7e79eb1dc9abbdd279dc9b200032

New changelog entries:
  * [c2afe08] Mono's implementation of the SSL/TLS stack failed to check
    the order of the handshake messages. Which would allow various attacks
    on the protocol to succeed. ("SKIP-TLS" attack).
    (Closes: #780751, CVE-2015-2318)
  * [997bd08] Remove the client-side SSLv2 fallback. There's almost no
    SSLv3 web site left so a v2 fallback is only extra code we do not
    need to carry forward. (Closes: #780751, CVE-2015-2320)
  * [b570325] Remove the EXPORT ciphers and related code path. That was
    still useful in 2003/2004 but the technical and legal landscape changed
    a lot since then. Removing the old, limited key size, cipher suites
    also allow removed additional parts of the code that deals with them.
    ("FREAK" attack) (Closes: #780751, CVE-2015-2319)

Author: Jo Shields
Author Date: 2015-03-19 11:32:12 UTC

Import patches-unapplied version 2.10.8.1-8+deb7u1 to debian/wheezy

Imported using git-ubuntu import.

Changelog parent: b0f77663068414bce3290535df52de767f92c6eb

New changelog entries:
  * [c2afe08] Mono's implementation of the SSL/TLS stack failed to check
    the order of the handshake messages. Which would allow various attacks
    on the protocol to succeed. ("SKIP-TLS" attack).
    (Closes: #780751, CVE-2015-2318)
  * [997bd08] Remove the client-side SSLv2 fallback. There's almost no
    SSLv3 web site left so a v2 fallback is only extra code we do not
    need to carry forward. (Closes: #780751, CVE-2015-2320)
  * [b570325] Remove the EXPORT ciphers and related code path. That was
    still useful in 2003/2004 but the technical and legal landscape changed
    a lot since then. Removing the old, limited key size, cipher suites
    also allow removed additional parts of the code that deals with them.
    ("FREAK" attack) (Closes: #780751, CVE-2015-2319)

Author: Marc Deslauriers
Author Date: 2015-03-20 16:56:54 UTC

Import patches-unapplied version 3.2.8+dfsg-4ubuntu2.1 to ubuntu/utopic-security

Imported using git-ubuntu import.

Changelog parent: 69df406c94ff5ee6b762d29c5aab01107472ec27

New changelog entries:
  * SECURITY UPDATE: TLS impersonation attack
    - debian/patches/CVE-2015-2318.patch: add handshake state validation to
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/ClientRecordProtocol.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/Context.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/RecordProtocol.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/ServerRecordProtocol.cs.
    - CVE-2015-2318
  * SECURITY UPDATE: FREAK attack vulnerability
    - debian/patches/CVE-2015-2319.patch: remove EXPORT ciphers from
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/CipherSuiteFactory.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/ClientRecordProtocol.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/SslCipherSuite.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/SslServerStream.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/TlsCipherSuite.cs.
    - CVE-2015-2319
  * SECURITY UPDATE: SSLv2 support
    - debian/patches/CVE-2015-2320.patch: remove client-side SSLv2 fallback in
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/RecordProtocol.cs.
    - CVE-2015-2320

Author: Marc Deslauriers
Author Date: 2015-03-20 18:30:11 UTC

Import patches-unapplied version 2.10.8.1-1ubuntu2.3 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 5f3ff6e3a781e52b767138e0dc80cca53f9213dd

New changelog entries:
  * SECURITY UPDATE: denial of service via use after free
    - debian/patches/CVE-2011-0992.patch: fix access to freed members of a
      dead thread in mono/metadata/threads.c.
    - CVE-2011-0992
  * SECURITY UPDATE: denial of service via hash collision
    - debian/patches/CVE-2012-3543.patch: add a better hash provider to
      mcs/class/System.Web/System.Web.UI/Page.cs,
      mcs/class/System.Web/System.Web.Util/SecureHashCodeProvider.cs,
      mcs/class/System.Web/System.Web.dll.sources,
      mcs/class/System.Web/System.Web/WebROCollection.cs.
    - CVE-2012-3543
  * SECURITY UPDATE: TLS impersonation attack
    - debian/patches/CVE-2015-2318.patch: add handshake state validation to
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/ClientRecordProtocol.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/Context.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/RecordProtocol.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/ServerRecordProtocol.cs.
    - CVE-2015-2318
  * SECURITY UPDATE: FREAK attack vulnerability
    - debian/patches/CVE-2015-2319.patch: remove EXPORT ciphers from
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/CipherSuiteFactory.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/ClientRecordProtocol.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/SslCipherSuite.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/SslServerStream.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/TlsCipherSuite.cs.
    - CVE-2015-2319
  * SECURITY UPDATE: SSLv2 support
    - debian/patches/CVE-2015-2320.patch: remove client-side SSLv2 fallback in
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/RecordProtocol.cs.
    - CVE-2015-2320
  * debian/source/options: Don't use single-debian-patch for Ubuntu.

Author: Marc Deslauriers
Author Date: 2015-03-20 18:30:11 UTC

Import patches-unapplied version 2.10.8.1-1ubuntu2.3 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 5f3ff6e3a781e52b767138e0dc80cca53f9213dd

New changelog entries:
  * SECURITY UPDATE: denial of service via use after free
    - debian/patches/CVE-2011-0992.patch: fix access to freed members of a
      dead thread in mono/metadata/threads.c.
    - CVE-2011-0992
  * SECURITY UPDATE: denial of service via hash collision
    - debian/patches/CVE-2012-3543.patch: add a better hash provider to
      mcs/class/System.Web/System.Web.UI/Page.cs,
      mcs/class/System.Web/System.Web.Util/SecureHashCodeProvider.cs,
      mcs/class/System.Web/System.Web.dll.sources,
      mcs/class/System.Web/System.Web/WebROCollection.cs.
    - CVE-2012-3543
  * SECURITY UPDATE: TLS impersonation attack
    - debian/patches/CVE-2015-2318.patch: add handshake state validation to
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/ClientRecordProtocol.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/Context.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/RecordProtocol.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/ServerRecordProtocol.cs.
    - CVE-2015-2318
  * SECURITY UPDATE: FREAK attack vulnerability
    - debian/patches/CVE-2015-2319.patch: remove EXPORT ciphers from
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/CipherSuiteFactory.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/ClientRecordProtocol.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/SslCipherSuite.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/SslServerStream.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/TlsCipherSuite.cs.
    - CVE-2015-2319
  * SECURITY UPDATE: SSLv2 support
    - debian/patches/CVE-2015-2320.patch: remove client-side SSLv2 fallback in
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/RecordProtocol.cs.
    - CVE-2015-2320
  * debian/source/options: Don't use single-debian-patch for Ubuntu.

Author: Marc Deslauriers
Author Date: 2015-03-20 18:30:11 UTC

Import patches-unapplied version 2.10.8.1-1ubuntu2.3 to ubuntu/precise-security

Imported using git-ubuntu import.

Changelog parent: 5f3ff6e3a781e52b767138e0dc80cca53f9213dd

New changelog entries:
  * SECURITY UPDATE: denial of service via use after free
    - debian/patches/CVE-2011-0992.patch: fix access to freed members of a
      dead thread in mono/metadata/threads.c.
    - CVE-2011-0992
  * SECURITY UPDATE: denial of service via hash collision
    - debian/patches/CVE-2012-3543.patch: add a better hash provider to
      mcs/class/System.Web/System.Web.UI/Page.cs,
      mcs/class/System.Web/System.Web.Util/SecureHashCodeProvider.cs,
      mcs/class/System.Web/System.Web.dll.sources,
      mcs/class/System.Web/System.Web/WebROCollection.cs.
    - CVE-2012-3543
  * SECURITY UPDATE: TLS impersonation attack
    - debian/patches/CVE-2015-2318.patch: add handshake state validation to
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/ClientRecordProtocol.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/Context.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/RecordProtocol.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/ServerRecordProtocol.cs.
    - CVE-2015-2318
  * SECURITY UPDATE: FREAK attack vulnerability
    - debian/patches/CVE-2015-2319.patch: remove EXPORT ciphers from
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/CipherSuiteFactory.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/ClientRecordProtocol.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/SslCipherSuite.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/SslServerStream.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/TlsCipherSuite.cs.
    - CVE-2015-2319
  * SECURITY UPDATE: SSLv2 support
    - debian/patches/CVE-2015-2320.patch: remove client-side SSLv2 fallback in
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/RecordProtocol.cs.
    - CVE-2015-2320
  * debian/source/options: Don't use single-debian-patch for Ubuntu.

Author: Marc Deslauriers
Author Date: 2015-03-20 16:59:13 UTC

Import patches-unapplied version 3.2.8+dfsg-4ubuntu1.1 to ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 083e3d2b1a867f39f3d571c98b073f5b27f0b4f0

New changelog entries:
  * SECURITY UPDATE: TLS impersonation attack
    - debian/patches/CVE-2015-2318.patch: add handshake state validation to
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/ClientRecordProtocol.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/Context.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/RecordProtocol.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/ServerRecordProtocol.cs.
    - CVE-2015-2318
  * SECURITY UPDATE: FREAK attack vulnerability
    - debian/patches/CVE-2015-2319.patch: remove EXPORT ciphers from
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/CipherSuiteFactory.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/ClientRecordProtocol.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/SslCipherSuite.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/SslServerStream.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/TlsCipherSuite.cs.
    - CVE-2015-2319
  * SECURITY UPDATE: SSLv2 support
    - debian/patches/CVE-2015-2320.patch: remove client-side SSLv2 fallback in
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/RecordProtocol.cs.
    - CVE-2015-2320
  * debian/source/options: Don't use single-debian-patch for Ubuntu.

Author: Marc Deslauriers
Author Date: 2015-03-20 16:59:13 UTC

Import patches-unapplied version 3.2.8+dfsg-4ubuntu1.1 to ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 083e3d2b1a867f39f3d571c98b073f5b27f0b4f0

New changelog entries:
  * SECURITY UPDATE: TLS impersonation attack
    - debian/patches/CVE-2015-2318.patch: add handshake state validation to
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/ClientRecordProtocol.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/Context.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/RecordProtocol.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/ServerRecordProtocol.cs.
    - CVE-2015-2318
  * SECURITY UPDATE: FREAK attack vulnerability
    - debian/patches/CVE-2015-2319.patch: remove EXPORT ciphers from
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/CipherSuiteFactory.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/ClientRecordProtocol.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/SslCipherSuite.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/SslServerStream.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/TlsCipherSuite.cs.
    - CVE-2015-2319
  * SECURITY UPDATE: SSLv2 support
    - debian/patches/CVE-2015-2320.patch: remove client-side SSLv2 fallback in
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/RecordProtocol.cs.
    - CVE-2015-2320
  * debian/source/options: Don't use single-debian-patch for Ubuntu.

Author: Marc Deslauriers
Author Date: 2015-03-20 16:59:13 UTC

Import patches-unapplied version 3.2.8+dfsg-4ubuntu1.1 to ubuntu/trusty-security

Imported using git-ubuntu import.

Changelog parent: 083e3d2b1a867f39f3d571c98b073f5b27f0b4f0

New changelog entries:
  * SECURITY UPDATE: TLS impersonation attack
    - debian/patches/CVE-2015-2318.patch: add handshake state validation to
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/ClientRecordProtocol.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/Context.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/RecordProtocol.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/ServerRecordProtocol.cs.
    - CVE-2015-2318
  * SECURITY UPDATE: FREAK attack vulnerability
    - debian/patches/CVE-2015-2319.patch: remove EXPORT ciphers from
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/CipherSuiteFactory.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/ClientRecordProtocol.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/SslCipherSuite.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/SslServerStream.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/TlsCipherSuite.cs.
    - CVE-2015-2319
  * SECURITY UPDATE: SSLv2 support
    - debian/patches/CVE-2015-2320.patch: remove client-side SSLv2 fallback in
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/RecordProtocol.cs.
    - CVE-2015-2320
  * debian/source/options: Don't use single-debian-patch for Ubuntu.

Author: Marc Deslauriers
Author Date: 2015-03-20 16:56:54 UTC

Import patches-unapplied version 3.2.8+dfsg-4ubuntu2.1 to ubuntu/utopic-security

Imported using git-ubuntu import.

Changelog parent: 69df406c94ff5ee6b762d29c5aab01107472ec27

New changelog entries:
  * SECURITY UPDATE: TLS impersonation attack
    - debian/patches/CVE-2015-2318.patch: add handshake state validation to
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/ClientRecordProtocol.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/Context.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/RecordProtocol.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/ServerRecordProtocol.cs.
    - CVE-2015-2318
  * SECURITY UPDATE: FREAK attack vulnerability
    - debian/patches/CVE-2015-2319.patch: remove EXPORT ciphers from
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/CipherSuiteFactory.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/ClientRecordProtocol.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/SslCipherSuite.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/SslServerStream.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/TlsCipherSuite.cs.
    - CVE-2015-2319
  * SECURITY UPDATE: SSLv2 support
    - debian/patches/CVE-2015-2320.patch: remove client-side SSLv2 fallback in
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/RecordProtocol.cs.
    - CVE-2015-2320

Author: Marc Deslauriers
Author Date: 2015-03-20 16:56:54 UTC

Import patches-unapplied version 3.2.8+dfsg-4ubuntu2.1 to ubuntu/utopic-security

Imported using git-ubuntu import.

Changelog parent: 69df406c94ff5ee6b762d29c5aab01107472ec27

New changelog entries:
  * SECURITY UPDATE: TLS impersonation attack
    - debian/patches/CVE-2015-2318.patch: add handshake state validation to
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/ClientRecordProtocol.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/Context.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/RecordProtocol.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/ServerRecordProtocol.cs.
    - CVE-2015-2318
  * SECURITY UPDATE: FREAK attack vulnerability
    - debian/patches/CVE-2015-2319.patch: remove EXPORT ciphers from
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/CipherSuiteFactory.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/ClientRecordProtocol.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/SslCipherSuite.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/SslServerStream.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/TlsCipherSuite.cs.
    - CVE-2015-2319
  * SECURITY UPDATE: SSLv2 support
    - debian/patches/CVE-2015-2320.patch: remove client-side SSLv2 fallback in
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/RecordProtocol.cs.
    - CVE-2015-2320

Author: Marc Deslauriers
Author Date: 2015-03-20 16:49:23 UTC

Import patches-unapplied version 3.2.8+dfsg-4ubuntu4 to ubuntu/vivid-proposed

Imported using git-ubuntu import.

Changelog parent: cc7b1530d5d3b6961ca4a2773c1c2394775414b2

New changelog entries:
  * SECURITY UPDATE: TLS impersonation attack
    - debian/patches/CVE-2015-2318.patch: add handshake state validation to
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/ClientRecordProtocol.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/Context.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/RecordProtocol.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/ServerRecordProtocol.cs.
    - CVE-2015-2318
  * SECURITY UPDATE: FREAK attack vulnerability
    - debian/patches/CVE-2015-2319.patch: remove EXPORT ciphers from
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/CipherSuiteFactory.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/ClientRecordProtocol.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/SslCipherSuite.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/SslServerStream.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/TlsCipherSuite.cs.
    - CVE-2015-2319
  * SECURITY UPDATE: SSLv2 support
    - debian/patches/CVE-2015-2320.patch: remove client-side SSLv2 fallback in
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/RecordProtocol.cs.
    - CVE-2015-2320

Author: Marc Deslauriers
Author Date: 2015-03-20 16:49:23 UTC

Import patches-unapplied version 3.2.8+dfsg-4ubuntu4 to ubuntu/vivid-proposed

Imported using git-ubuntu import.

Changelog parent: cc7b1530d5d3b6961ca4a2773c1c2394775414b2

New changelog entries:
  * SECURITY UPDATE: TLS impersonation attack
    - debian/patches/CVE-2015-2318.patch: add handshake state validation to
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/ClientRecordProtocol.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/Context.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/RecordProtocol.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/ServerRecordProtocol.cs.
    - CVE-2015-2318
  * SECURITY UPDATE: FREAK attack vulnerability
    - debian/patches/CVE-2015-2319.patch: remove EXPORT ciphers from
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/CipherSuiteFactory.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/ClientRecordProtocol.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/SslCipherSuite.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/SslServerStream.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/TlsCipherSuite.cs.
    - CVE-2015-2319
  * SECURITY UPDATE: SSLv2 support
    - debian/patches/CVE-2015-2320.patch: remove client-side SSLv2 fallback in
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/RecordProtocol.cs.
    - CVE-2015-2320

Author: Marc Deslauriers
Author Date: 2015-03-20 16:49:23 UTC

Import patches-unapplied version 3.2.8+dfsg-4ubuntu4 to ubuntu/vivid-proposed

Imported using git-ubuntu import.

Changelog parent: cc7b1530d5d3b6961ca4a2773c1c2394775414b2

New changelog entries:
  * SECURITY UPDATE: TLS impersonation attack
    - debian/patches/CVE-2015-2318.patch: add handshake state validation to
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/ClientRecordProtocol.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/Context.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/RecordProtocol.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/ServerRecordProtocol.cs.
    - CVE-2015-2318
  * SECURITY UPDATE: FREAK attack vulnerability
    - debian/patches/CVE-2015-2319.patch: remove EXPORT ciphers from
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/CipherSuiteFactory.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/ClientRecordProtocol.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/SslCipherSuite.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/SslServerStream.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/TlsCipherSuite.cs.
    - CVE-2015-2319
  * SECURITY UPDATE: SSLv2 support
    - debian/patches/CVE-2015-2320.patch: remove client-side SSLv2 fallback in
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/RecordProtocol.cs.
    - CVE-2015-2320

Author: Marc Deslauriers
Author Date: 2015-03-20 16:49:23 UTC

Import patches-unapplied version 3.2.8+dfsg-4ubuntu4 to ubuntu/vivid-proposed

Imported using git-ubuntu import.

Changelog parent: cc7b1530d5d3b6961ca4a2773c1c2394775414b2

New changelog entries:
  * SECURITY UPDATE: TLS impersonation attack
    - debian/patches/CVE-2015-2318.patch: add handshake state validation to
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/ClientRecordProtocol.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/Context.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/RecordProtocol.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/ServerRecordProtocol.cs.
    - CVE-2015-2318
  * SECURITY UPDATE: FREAK attack vulnerability
    - debian/patches/CVE-2015-2319.patch: remove EXPORT ciphers from
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/CipherSuiteFactory.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/ClientRecordProtocol.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/SslCipherSuite.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/SslServerStream.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/TlsCipherSuite.cs.
    - CVE-2015-2319
  * SECURITY UPDATE: SSLv2 support
    - debian/patches/CVE-2015-2320.patch: remove client-side SSLv2 fallback in
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/RecordProtocol.cs.
    - CVE-2015-2320

Author: Marc Deslauriers
Author Date: 2015-03-20 16:49:23 UTC

Import patches-unapplied version 3.2.8+dfsg-4ubuntu4 to ubuntu/vivid-proposed

Imported using git-ubuntu import.

Changelog parent: cc7b1530d5d3b6961ca4a2773c1c2394775414b2

New changelog entries:
  * SECURITY UPDATE: TLS impersonation attack
    - debian/patches/CVE-2015-2318.patch: add handshake state validation to
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/ClientRecordProtocol.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/Context.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/RecordProtocol.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/ServerRecordProtocol.cs.
    - CVE-2015-2318
  * SECURITY UPDATE: FREAK attack vulnerability
    - debian/patches/CVE-2015-2319.patch: remove EXPORT ciphers from
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/CipherSuiteFactory.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/ClientRecordProtocol.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/SslCipherSuite.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/SslServerStream.cs,
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/TlsCipherSuite.cs.
    - CVE-2015-2319
  * SECURITY UPDATE: SSLv2 support
    - debian/patches/CVE-2015-2320.patch: remove client-side SSLv2 fallback in
      mcs/class/Mono.Security/Mono.Security.Protocol.Tls/RecordProtocol.cs.
    - CVE-2015-2320

Author: Jo Shields
Author Date: 2015-03-19 10:30:24 UTC

Import patches-unapplied version 3.2.8+dfsg-10 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 9bbd3ce71a9c52eda932d367aee62beb20aaf77f

New changelog entries:
  * [037e3b5] Mono's implementation of the SSL/TLS stack failed to check
    the order of the handshake messages. Which would allow various attacks on
    the protocol to succeed. ("SKIP-TLS" attack).
    (Closes: #780751, CVE-2015-2318)
  * [38d3725] Remove the client-side SSLv2 fallback. There's almost no SSLv3
    web site left so a v2 fallback is only extra code we do not need to carry
    forward. (Closes: #780751, CVE-2015-2320)
  * [00e66d6] Remove the EXPORT ciphers and related code path. That was still
    useful in 2003/2004 but the technical and legal landscape changed a lot
    since then. Removing the old, limited key size, cipher suites also allow
    removed additional parts of the code that deals with them.
    ("FREAK" attack) (Closes: #780751, CVE-2015-2319)

Author: Jo Shields
Author Date: 2015-03-19 10:30:24 UTC

Import patches-applied version 3.2.8+dfsg-10 to applied/debian/sid

Imported using git-ubuntu import.

Changelog parent: af9f79da4890f3afa06eacc81a51698c1b343ed4
Unapplied parent: 3074e098a42e7d559624f181d0b60a9f6ee114d4

New changelog entries:
  * [037e3b5] Mono's implementation of the SSL/TLS stack failed to check
    the order of the handshake messages. Which would allow various attacks on
    the protocol to succeed. ("SKIP-TLS" attack).
    (Closes: #780751, CVE-2015-2318)
  * [38d3725] Remove the client-side SSLv2 fallback. There's almost no SSLv3
    web site left so a v2 fallback is only extra code we do not need to carry
    forward. (Closes: #780751, CVE-2015-2320)
  * [00e66d6] Remove the EXPORT ciphers and related code path. That was still
    useful in 2003/2004 but the technical and legal landscape changed a lot
    since then. Removing the old, limited key size, cipher suites also allow
    removed additional parts of the code that deals with them.
    ("FREAK" attack) (Closes: #780751, CVE-2015-2319)

Author: Adam Conrad
Author Date: 2014-04-14 10:41:05 UTC

Import patches-unapplied version 3.2.8+dfsg-4ubuntu2 to ubuntu/utopic-proposed

Imported using git-ubuntu import.

Changelog parent: 083e3d2b1a867f39f3d571c98b073f5b27f0b4f0

New changelog entries:
  * debian/source/options: Don't use single-debian-patch for Ubuntu.
  * debian/patches/ppc64el-me-harder: More patches from IBM for PPC.

Author: Adam Conrad
Author Date: 2014-04-14 10:41:05 UTC

Import patches-unapplied version 3.2.8+dfsg-4ubuntu2 to ubuntu/utopic-proposed

Imported using git-ubuntu import.

Changelog parent: 083e3d2b1a867f39f3d571c98b073f5b27f0b4f0

New changelog entries:
  * debian/source/options: Don't use single-debian-patch for Ubuntu.
  * debian/patches/ppc64el-me-harder: More patches from IBM for PPC.

Author: Jo Shields
Author Date: 2014-02-28 00:15:28 UTC

Import patches-unapplied version 3.2.8+dfsg-4ubuntu1 to ubuntu/trusty-proposed

Imported using git-ubuntu import.

Changelog parent: c3cfb0edf3ffe88b90ae3057b4ed4afa3e777e71

New changelog entries:
  * Include mystery patchset from Matthias Klose <doko@ubuntu.com> which
    adds support for little-endian PPC64.

Author: Jo Shields
Author Date: 2014-02-28 00:15:28 UTC

Import patches-unapplied version 3.2.8+dfsg-4ubuntu1 to ubuntu/trusty-proposed

Imported using git-ubuntu import.

Changelog parent: c3cfb0edf3ffe88b90ae3057b4ed4afa3e777e71

New changelog entries:
  * Include mystery patchset from Matthias Klose <doko@ubuntu.com> which
    adds support for little-endian PPC64.

Author: Iain Lane
Author Date: 2013-06-14 10:03:43 UTC

Import patches-unapplied version 2.10.8.1-5ubuntu2 to ubuntu/saucy-proposed

Imported using git-ubuntu import.

Changelog parent: 412d0ecb9fbf3bdcf9fbd2b24f1225658ff23bf0

New changelog entries:
  * Cherry-pick patches from upstream fixing automake 1.13-related FTBFS.

Author: Iain Lane
Author Date: 2013-06-14 10:03:43 UTC

Import patches-unapplied version 2.10.8.1-5ubuntu2 to ubuntu/saucy-proposed

Imported using git-ubuntu import.

Changelog parent: 412d0ecb9fbf3bdcf9fbd2b24f1225658ff23bf0

New changelog entries:
  * Cherry-pick patches from upstream fixing automake 1.13-related FTBFS.

Author: Iain Lane
Author Date: 2013-06-14 10:03:43 UTC

Import patches-unapplied version 2.10.8.1-5ubuntu2 to ubuntu/saucy-proposed

Imported using git-ubuntu import.

Changelog parent: 412d0ecb9fbf3bdcf9fbd2b24f1225658ff23bf0

New changelog entries:
  * Cherry-pick patches from upstream fixing automake 1.13-related FTBFS.

Author: Jo Shields
Author Date: 2012-07-11 21:10:55 UTC

Import patches-applied version 2.6.7-5.1 to applied/debian/squeeze

Imported using git-ubuntu import.

Changelog parent: 0c33479bad2eb84f3f8b05714ea10f60b4cadee9
Unapplied parent: 6c1a1088ee4290681eb9ec71018717517df58388

New changelog entries:
  [ Gonzalo Paniagua Javier ]
  * [29cd322] HtmlEncode the path.
     Fixes Novell bug #769799.
  [ Jo Shields ]
  * Security upload to fix potential XSS issue in System.Web's error
    page handling (Closes: #681095, CVE-2012-3382)

Author: Jo Shields
Author Date: 2012-07-11 21:10:55 UTC

Import patches-unapplied version 2.6.7-5.1 to debian/squeeze

Imported using git-ubuntu import.

Changelog parent: 92bc27504ac629af83219b3016c2ba60d482ba88

New changelog entries:
  [ Gonzalo Paniagua Javier ]
  * [29cd322] HtmlEncode the path.
     Fixes Novell bug #769799.
  [ Jo Shields ]
  * Security upload to fix potential XSS issue in System.Web's error
    page handling (Closes: #681095, CVE-2012-3382)

Author: Marc Deslauriers
Author Date: 2012-07-27 12:06:30 UTC

Import patches-unapplied version 2.10.8.1-5ubuntu1 to ubuntu/quantal-proposed

Imported using git-ubuntu import.

Changelog parent: 716b472c7f05db792381bf126856037ddcd64564

New changelog entries:
  * Merged from Debian unstable. Remaining changes:
    - Remove the ARMV6 ASM check from configure{,.in}, since our build
      hosts aren't the same architecture as our target, and hardcode
      an arm*-linux-gnueabihf target that enables ARMV6 unconditionally.
    - Don't use single-debian-patch format for Ubuntu, for sanity.

Author: Marc Deslauriers
Author Date: 2012-07-27 12:06:30 UTC

Import patches-unapplied version 2.10.8.1-5ubuntu1 to ubuntu/quantal-proposed

Imported using git-ubuntu import.

Changelog parent: 716b472c7f05db792381bf126856037ddcd64564

New changelog entries:
  * Merged from Debian unstable. Remaining changes:
    - Remove the ARMV6 ASM check from configure{,.in}, since our build
      hosts aren't the same architecture as our target, and hardcode
      an arm*-linux-gnueabihf target that enables ARMV6 unconditionally.
    - Don't use single-debian-patch format for Ubuntu, for sanity.

Author: Marc Deslauriers
Author Date: 2012-07-27 12:06:30 UTC

Import patches-unapplied version 2.10.8.1-5ubuntu1 to ubuntu/quantal-proposed

Imported using git-ubuntu import.

Changelog parent: 716b472c7f05db792381bf126856037ddcd64564

New changelog entries:
  * Merged from Debian unstable. Remaining changes:
    - Remove the ARMV6 ASM check from configure{,.in}, since our build
      hosts aren't the same architecture as our target, and hardcode
      an arm*-linux-gnueabihf target that enables ARMV6 unconditionally.
    - Don't use single-debian-patch format for Ubuntu, for sanity.

Author: Marc Deslauriers
Author Date: 2012-07-27 12:06:30 UTC

Import patches-unapplied version 2.10.8.1-5ubuntu1 to ubuntu/quantal-proposed

Imported using git-ubuntu import.

Changelog parent: 716b472c7f05db792381bf126856037ddcd64564

New changelog entries:
  * Merged from Debian unstable. Remaining changes:
    - Remove the ARMV6 ASM check from configure{,.in}, since our build
      hosts aren't the same architecture as our target, and hardcode
      an arm*-linux-gnueabihf target that enables ARMV6 unconditionally.
    - Don't use single-debian-patch format for Ubuntu, for sanity.

Author: Marc Deslauriers
Author Date: 2012-07-27 12:06:30 UTC

Import patches-unapplied version 2.10.8.1-5ubuntu1 to ubuntu/quantal-proposed

Imported using git-ubuntu import.

Changelog parent: 716b472c7f05db792381bf126856037ddcd64564

New changelog entries:
  * Merged from Debian unstable. Remaining changes:
    - Remove the ARMV6 ASM check from configure{,.in}, since our build
      hosts aren't the same architecture as our target, and hardcode
      an arm*-linux-gnueabihf target that enables ARMV6 unconditionally.
    - Don't use single-debian-patch format for Ubuntu, for sanity.

Author: Marc Deslauriers
Author Date: 2012-07-24 17:32:47 UTC

Import patches-unapplied version 2.10.5-1ubuntu0.1 to ubuntu/oneiric-security

Imported using git-ubuntu import.

Changelog parent: 6f5b2065841f7f59947f913b3456180f829ff8de

New changelog entries:
  * SECURITY UPDATE: cross-site scripting vulnerability
    - debian/patches/CVE-2012-3382.patch: properly escape error message in
      mcs/class/System.Web/System.Web/HttpForbiddenHandler.cs.
    - CVE-2012-3382

Author: Marc Deslauriers
Author Date: 2012-07-24 17:49:00 UTC

Import patches-unapplied version 2.4.4~svn151842-1ubuntu4.1 to ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: cb32828259d354930be0ae7281c3c1e1a936a706

New changelog entries:
  * SECURITY UPDATE: cross-site scripting vulnerability
    - debian/patches/CVE-2012-3382.dpatch: properly escape error message in
      mcs/class/System.Web/System.Web/HttpForbiddenHandler.cs.
    - CVE-2012-3382
  * SECURITY UPDATE: cross-site scripting vulnerability
    - debian/patches/CVE-2010-1459.dpatch: properly handle
      EnableViewStateMac property in
      mcs/class/System.Web/System.Web.Compilation/PageCompiler.cs,
      mcs/class/System.Web/System.Web.UI/Page.cs,
      mcs/class/System.Web/System.Web.UI/PageParser.cs.
    - CVE-2010-1459

Author: Marc Deslauriers
Author Date: 2012-07-24 17:49:00 UTC

Import patches-unapplied version 2.4.4~svn151842-1ubuntu4.1 to ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: cb32828259d354930be0ae7281c3c1e1a936a706

New changelog entries:
  * SECURITY UPDATE: cross-site scripting vulnerability
    - debian/patches/CVE-2012-3382.dpatch: properly escape error message in
      mcs/class/System.Web/System.Web/HttpForbiddenHandler.cs.
    - CVE-2012-3382
  * SECURITY UPDATE: cross-site scripting vulnerability
    - debian/patches/CVE-2010-1459.dpatch: properly handle
      EnableViewStateMac property in
      mcs/class/System.Web/System.Web.Compilation/PageCompiler.cs,
      mcs/class/System.Web/System.Web.UI/Page.cs,
      mcs/class/System.Web/System.Web.UI/PageParser.cs.
    - CVE-2010-1459

Author: Marc Deslauriers
Author Date: 2012-07-24 17:49:00 UTC

Import patches-unapplied version 2.4.4~svn151842-1ubuntu4.1 to ubuntu/lucid-security

Imported using git-ubuntu import.

Changelog parent: cb32828259d354930be0ae7281c3c1e1a936a706

New changelog entries:
  * SECURITY UPDATE: cross-site scripting vulnerability
    - debian/patches/CVE-2012-3382.dpatch: properly escape error message in
      mcs/class/System.Web/System.Web/HttpForbiddenHandler.cs.
    - CVE-2012-3382
  * SECURITY UPDATE: cross-site scripting vulnerability
    - debian/patches/CVE-2010-1459.dpatch: properly handle
      EnableViewStateMac property in
      mcs/class/System.Web/System.Web.Compilation/PageCompiler.cs,
      mcs/class/System.Web/System.Web.UI/Page.cs,
      mcs/class/System.Web/System.Web.UI/PageParser.cs.
    - CVE-2010-1459

Author: Marc Deslauriers
Author Date: 2012-07-24 17:34:56 UTC

Import patches-unapplied version 2.6.7-5ubuntu3.1 to ubuntu/natty-security

Imported using git-ubuntu import.

Changelog parent: b2624db9e0a5a36e6bd817971f97af2892b2ea1d

New changelog entries:
  * SECURITY UPDATE: cross-site scripting vulnerability
    - mcs/class/System.Web/System.Web/HttpForbiddenHandler.cs: properly
      escape error message.
    - CVE-2012-3382

Author: Marc Deslauriers
Author Date: 2012-07-24 17:34:56 UTC

Import patches-unapplied version 2.6.7-5ubuntu3.1 to ubuntu/natty-security

Imported using git-ubuntu import.

Changelog parent: b2624db9e0a5a36e6bd817971f97af2892b2ea1d

New changelog entries:
  * SECURITY UPDATE: cross-site scripting vulnerability
    - mcs/class/System.Web/System.Web/HttpForbiddenHandler.cs: properly
      escape error message.
    - CVE-2012-3382

Author: Marc Deslauriers
Author Date: 2012-07-24 17:34:56 UTC

Import patches-unapplied version 2.6.7-5ubuntu3.1 to ubuntu/natty-security

Imported using git-ubuntu import.

Changelog parent: b2624db9e0a5a36e6bd817971f97af2892b2ea1d

New changelog entries:
  * SECURITY UPDATE: cross-site scripting vulnerability
    - mcs/class/System.Web/System.Web/HttpForbiddenHandler.cs: properly
      escape error message.
    - CVE-2012-3382

Author: Marc Deslauriers
Author Date: 2012-07-24 17:32:47 UTC

Import patches-unapplied version 2.10.5-1ubuntu0.1 to ubuntu/oneiric-security

Imported using git-ubuntu import.

Changelog parent: 6f5b2065841f7f59947f913b3456180f829ff8de

New changelog entries:
  * SECURITY UPDATE: cross-site scripting vulnerability
    - debian/patches/CVE-2012-3382.patch: properly escape error message in
      mcs/class/System.Web/System.Web/HttpForbiddenHandler.cs.
    - CVE-2012-3382

Author: Marc Deslauriers
Author Date: 2012-07-24 17:32:47 UTC

Import patches-unapplied version 2.10.5-1ubuntu0.1 to ubuntu/oneiric-security

Imported using git-ubuntu import.

Changelog parent: 6f5b2065841f7f59947f913b3456180f829ff8de

New changelog entries:
  * SECURITY UPDATE: cross-site scripting vulnerability
    - debian/patches/CVE-2012-3382.patch: properly escape error message in
      mcs/class/System.Web/System.Web/HttpForbiddenHandler.cs.
    - CVE-2012-3382

Author: Julian Taylor
Author Date: 2012-06-03 20:46:30 UTC

Import patches-unapplied version 2.10.8.1-1ubuntu2.1 to ubuntu/precise-proposed

Imported using git-ubuntu import.

Changelog parent: 68fd143298a40df97e0c2964210d342c4b97a0e2

New changelog entries:
  * configure.in: search multiarch paths for libX11 (LP: #1008212)
    changes the dllmap in /etc/mono/config to the versioned library

Author: Andrew Mitchell
Author Date: 2012-04-04 06:08:25 UTC

Import patches-unapplied version 2.10.8.1-1ubuntu2 to ubuntu/precise

Imported using git-ubuntu import.

Changelog parent: 5520aebd1b2596697cab1bed4759f2619fd54ae6

New changelog entries:
  * debian/monodoc-base.postinst: Add '|| true' to the update-monodoc call
    so that it doesn't cause upgrades to fail due to the trigger being called
    prior to GTK# being upgraded (LP: #972751)

Author: Mirco Bauer
Author Date: 2011-08-25 20:26:08 UTC

Import patches-unapplied version 2.10.5-1 to debian/experimental

Imported using git-ubuntu import.

Changelog parent: ef8ea271d9c5be7e7b9eec012109d9a7fb15250a

New changelog entries:
  * [854fa78] Imported Upstream version 2.10.5

Author: Chris Halse Rogers
Author Date: 2011-04-12 01:23:54 UTC

Import patches-unapplied version 2.6.7-5ubuntu3 to ubuntu/natty

Imported using git-ubuntu import.

Changelog parent: aa2fe701cdbcfbdc06ece0cafb40bf5f663aa29f

New changelog entries:
  * Drop gluezilla Recommends to Suggests for libmono-webbrowser0.5-cil.
    xulrunner, and hence gluezilla, is dropping out of main for Natty.
    (LP: #740815)

Author: Stefan Ebner
Author Date: 2010-09-14 17:58:16 UTC

Import patches-unapplied version 2.6.7-3ubuntu1 to ubuntu/maverick

Imported using git-ubuntu import.

Changelog parent: d587b72d7bdb352623a01e8a1453182aee3640fd

New changelog entries:
    * Merge from Debian Unstable, remaining Ubuntu changes:
    + debian/control:
      - Lower mono-debugger Recommends on mono-dbg package to Suggests,
        as mono-debugger is in Universe
      - Lower libmono-firebirdsql1.7-cil Recommends on libmono-cil-dev
        package to Suggests, as libfbclient2 is in Universe

Author: Stefan Ebner
Author Date: 2010-09-14 17:58:16 UTC

Import patches-unapplied version 2.6.7-3ubuntu1 to ubuntu/maverick

Imported using git-ubuntu import.

Changelog parent: d587b72d7bdb352623a01e8a1453182aee3640fd

New changelog entries:
    * Merge from Debian Unstable, remaining Ubuntu changes:
    + debian/control:
      - Lower mono-debugger Recommends on mono-dbg package to Suggests,
        as mono-debugger is in Universe
      - Lower libmono-firebirdsql1.7-cil Recommends on libmono-cil-dev
        package to Suggests, as libfbclient2 is in Universe

Author: Martin Pitt
Author Date: 2010-04-22 09:33:07 UTC

Import patches-unapplied version 2.4.4~svn151842-1ubuntu4 to ubuntu/lucid

Imported using git-ubuntu import.

Changelog parent: 10069976981aabd9ad21b2ad7a30f313c7ae5fe7

New changelog entries:
  * debian/control: Reapply dropped change from 1.9.1+dfsg-4ubuntu2 to lower
    the "mono-debugger" recommends of mono-dbg to suggests. mono-debugger is
    in universe.

Author: Mirco Bauer
Author Date: 2009-09-07 20:00:21 UTC

Import patches-unapplied version 2.4.2.3+dfsg-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 14f56277f7ddc3eb15a8ae59301f29f63de89737

New changelog entries:
  * debian/control:
    + Add missing cli:Suggests to libmono-bytefx0.7.6.1-cil and
      libmono-bytefx0.7.6.2-cil.
  * debian/rules:
    + Removed mono:upversion and mono:next-version from dh_gencontrol -s
      call as those are unused for arch:any packages.
  * debian/patches/fix_metadata_dup.dpatch:
    + Remove duplicate appdomain.h, fixing FTBFS.
      (thanks to Stefan Siegl for the investigation, Closes: #543010)
  * debian/patches/fix_CreateDelegate_ArgumentException.dpatch:
    + Fixed ArgumentException in System.Delegate.CreateDelegate() which broke
      IronPython 2.6 Beta 2.

Author: Mirco Bauer
Author Date: 2009-09-07 20:00:21 UTC

Import patches-unapplied version 2.4.2.3+dfsg-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 14f56277f7ddc3eb15a8ae59301f29f63de89737

New changelog entries:
  * debian/control:
    + Add missing cli:Suggests to libmono-bytefx0.7.6.1-cil and
      libmono-bytefx0.7.6.2-cil.
  * debian/rules:
    + Removed mono:upversion and mono:next-version from dh_gencontrol -s
      call as those are unused for arch:any packages.
  * debian/patches/fix_metadata_dup.dpatch:
    + Remove duplicate appdomain.h, fixing FTBFS.
      (thanks to Stefan Siegl for the investigation, Closes: #543010)
  * debian/patches/fix_CreateDelegate_ArgumentException.dpatch:
    + Fixed ArgumentException in System.Delegate.CreateDelegate() which broke
      IronPython 2.6 Beta 2.

Author: Marc Deslauriers
Author Date: 2009-08-19 18:01:58 UTC

Import patches-unapplied version 2.0.1-4ubuntu0.1 to ubuntu/jaunty-security

Imported using git-ubuntu import.

Changelog parent: fc40b85b5b45239f429cac19ae8007217fa8b23e

New changelog entries:
  * SECURITY UPDATE: XMLDsig HMAC-based signatures spoofing and
    authentication bypass (LP: #409920)
    - debian/patches/security_CVE-2009-0217.dpatch: Fix HMACOutputLength to
      match XMLDSIG erratum and add stricter checks.
    - CVE-2009-0217

Author: Marc Deslauriers
Author Date: 2009-08-19 18:45:27 UTC

Import patches-unapplied version 1.9.1+dfsg-4ubuntu2.1 to ubuntu/intrepid-security

Imported using git-ubuntu import.

Changelog parent: 94d4138202fca10ab2db5ad00a1a5cb5101019d6

New changelog entries:
  * SECURITY UPDATE: XMLDsig HMAC-based signatures spoofing and
    authentication bypass (LP: #409920)
    - debian/patches/security_CVE-2009-0217.dpatch: Fix HMACOutputLength to
      match XMLDSIG erratum and add stricter checks.
    - CVE-2009-0217

Author: Marc Deslauriers
Author Date: 2009-08-19 20:04:59 UTC

Import patches-unapplied version 1.2.6+dfsg-6ubuntu3.1 to ubuntu/hardy-security

Imported using git-ubuntu import.

Changelog parent: bb9e9acaadb7f74e5755e724f442a8dd44e8b4c2

New changelog entries:
  * SECURITY UPDATE: Multiple cross-site scripting vulnerabilities in
    the ASP.net class libraries (LP: #282952)
    - debian/patches/security_CVE-2008-3422.dpatch: properly encode and
      escape values in mcs/class/System.Web/System.Web.UI.HtmlControls/
      {HtmlControl,HtmlForm,HtmlInputButton,HtmlInputRadioButton,
      HtmlSelect}.cs, and add tests to mcs/class/System.Web/Test/
      System.Web.UI.HtmlControls/{HtmlImageTest,HtmlInputButtonTest,
      HtmlInputRadioButtonTest,HtmlSelectTest}.cs
    - CVE-2008-3422
  * SECURITY UPDATE: CRLF injection vulnerability in Sys.Web (LP: #282952)
    - debian/patches/security_CVE-2008-3906.dpatch: encode headers in
      mcs/class/System.Web/{System.Web/HttpResponseHeader.cs,
      System.Web.Configuration/HttpRuntimeConfig.cs}
    - CVE-2008-3906
  * SECURITY UPDATE: XMLDsig HMAC-based signatures spoofing and
    authentication bypass (LP: #409920)
    - debian/patches/security_CVE-2009-0217.dpatch: Fix HMACOutputLength to
      match XMLDSIG erratum and add stricter checks.
    - CVE-2009-0217

Author: Marc Deslauriers
Author Date: 2009-08-19 20:04:59 UTC

Import patches-unapplied version 1.2.6+dfsg-6ubuntu3.1 to ubuntu/hardy-security

Imported using git-ubuntu import.

Changelog parent: bb9e9acaadb7f74e5755e724f442a8dd44e8b4c2

New changelog entries:
  * SECURITY UPDATE: Multiple cross-site scripting vulnerabilities in
    the ASP.net class libraries (LP: #282952)
    - debian/patches/security_CVE-2008-3422.dpatch: properly encode and
      escape values in mcs/class/System.Web/System.Web.UI.HtmlControls/
      {HtmlControl,HtmlForm,HtmlInputButton,HtmlInputRadioButton,
      HtmlSelect}.cs, and add tests to mcs/class/System.Web/Test/
      System.Web.UI.HtmlControls/{HtmlImageTest,HtmlInputButtonTest,
      HtmlInputRadioButtonTest,HtmlSelectTest}.cs
    - CVE-2008-3422
  * SECURITY UPDATE: CRLF injection vulnerability in Sys.Web (LP: #282952)
    - debian/patches/security_CVE-2008-3906.dpatch: encode headers in
      mcs/class/System.Web/{System.Web/HttpResponseHeader.cs,
      System.Web.Configuration/HttpRuntimeConfig.cs}
    - CVE-2008-3906
  * SECURITY UPDATE: XMLDsig HMAC-based signatures spoofing and
    authentication bypass (LP: #409920)
    - debian/patches/security_CVE-2009-0217.dpatch: Fix HMACOutputLength to
      match XMLDSIG erratum and add stricter checks.
    - CVE-2009-0217

Author: Marc Deslauriers
Author Date: 2009-08-19 20:04:59 UTC

Import patches-unapplied version 1.2.6+dfsg-6ubuntu3.1 to ubuntu/hardy-security

Imported using git-ubuntu import.

Changelog parent: bb9e9acaadb7f74e5755e724f442a8dd44e8b4c2

New changelog entries:
  * SECURITY UPDATE: Multiple cross-site scripting vulnerabilities in
    the ASP.net class libraries (LP: #282952)
    - debian/patches/security_CVE-2008-3422.dpatch: properly encode and
      escape values in mcs/class/System.Web/System.Web.UI.HtmlControls/
      {HtmlControl,HtmlForm,HtmlInputButton,HtmlInputRadioButton,
      HtmlSelect}.cs, and add tests to mcs/class/System.Web/Test/
      System.Web.UI.HtmlControls/{HtmlImageTest,HtmlInputButtonTest,
      HtmlInputRadioButtonTest,HtmlSelectTest}.cs
    - CVE-2008-3422
  * SECURITY UPDATE: CRLF injection vulnerability in Sys.Web (LP: #282952)
    - debian/patches/security_CVE-2008-3906.dpatch: encode headers in
      mcs/class/System.Web/{System.Web/HttpResponseHeader.cs,
      System.Web.Configuration/HttpRuntimeConfig.cs}
    - CVE-2008-3906
  * SECURITY UPDATE: XMLDsig HMAC-based signatures spoofing and
    authentication bypass (LP: #409920)
    - debian/patches/security_CVE-2009-0217.dpatch: Fix HMACOutputLength to
      match XMLDSIG erratum and add stricter checks.
    - CVE-2009-0217

Author: Marc Deslauriers
Author Date: 2009-08-19 18:45:27 UTC

Import patches-unapplied version 1.9.1+dfsg-4ubuntu2.1 to ubuntu/intrepid-security

Imported using git-ubuntu import.

Changelog parent: 94d4138202fca10ab2db5ad00a1a5cb5101019d6

New changelog entries:
  * SECURITY UPDATE: XMLDsig HMAC-based signatures spoofing and
    authentication bypass (LP: #409920)
    - debian/patches/security_CVE-2009-0217.dpatch: Fix HMACOutputLength to
      match XMLDSIG erratum and add stricter checks.
    - CVE-2009-0217

Author: Marc Deslauriers
Author Date: 2009-08-19 18:45:27 UTC

Import patches-unapplied version 1.9.1+dfsg-4ubuntu2.1 to ubuntu/intrepid-security

Imported using git-ubuntu import.

Changelog parent: 94d4138202fca10ab2db5ad00a1a5cb5101019d6

New changelog entries:
  * SECURITY UPDATE: XMLDsig HMAC-based signatures spoofing and
    authentication bypass (LP: #409920)
    - debian/patches/security_CVE-2009-0217.dpatch: Fix HMACOutputLength to
      match XMLDSIG erratum and add stricter checks.
    - CVE-2009-0217

Author: Marc Deslauriers
Author Date: 2009-08-19 18:01:58 UTC

Import patches-unapplied version 2.0.1-4ubuntu0.1 to ubuntu/jaunty-security

Imported using git-ubuntu import.

Changelog parent: fc40b85b5b45239f429cac19ae8007217fa8b23e

New changelog entries:
  * SECURITY UPDATE: XMLDsig HMAC-based signatures spoofing and
    authentication bypass (LP: #409920)
    - debian/patches/security_CVE-2009-0217.dpatch: Fix HMACOutputLength to
      match XMLDSIG erratum and add stricter checks.
    - CVE-2009-0217

Author: Marc Deslauriers
Author Date: 2009-08-19 18:01:58 UTC

Import patches-unapplied version 2.0.1-4ubuntu0.1 to ubuntu/jaunty-security

Imported using git-ubuntu import.

Changelog parent: fc40b85b5b45239f429cac19ae8007217fa8b23e

New changelog entries:
  * SECURITY UPDATE: XMLDsig HMAC-based signatures spoofing and
    authentication bypass (LP: #409920)
    - debian/patches/security_CVE-2009-0217.dpatch: Fix HMACOutputLength to
      match XMLDSIG erratum and add stricter checks.
    - CVE-2009-0217