Branches for Dapper

Author: Martin Pitt
Revision Date: 2006-02-15 16:16:41 UTC

* debian/rules: Activate simple-patchsys.mk.
* debian/control: Bump libtasn1-2-dev build dependency to >=
  0.2.17-1ubuntu1.
* Add debian/patches/01_tasn_api_length.patch:
   - lib/x509/xml.c: Fix calls to libtasn1-2's internal _asn1_* API calls for
     new libtasn1-2 version; these calls now expect a buffer length argument to
     check for buffer overflows.
   - lib/minitasn1/: Changed internal _asn1_ function prototypes in header
     files according to recent change in libtasn1-2.

Author: Jamie Strandboge
Revision Date: 2009-02-20 13:47:47 UTC

* Fix for certificate chain regressions introduced by fixes for
  CVE-2008-4989
* debian/patches/20_CVE-2008-4989.diff: updated to upstream's final
  2.4.2 - 2.4.3 patchset for lib/x509/verify.c to fix CVE-2008-4989 and
  address all known regressions. To summarize from upstream:
  - Fix X.509 certificate chain validation error (CVE-2008-4989)
  - Fix chain verification for chains that end with RSA-MD2 CAs (LP: #305264)
  - Deprecate X.509 validation chains using MD5 and MD2 signatures
  - Accept chains where intermediary certs are trusted (LP: #305264)

Author: Jamie Strandboge
Revision Date: 2010-06-02 15:25:32 UTC

* SECURITY UPDATE: fix potential DoS in certificate verification
  - debian/patches/92_CVE-2006-7239.diff: update to verify hash
    algorithm is supported and not NULL
  - CVE-2006-7239

Author: Jamie Strandboge
Revision Date: 2010-06-02 15:25:32 UTC

* SECURITY UPDATE: fix potential DoS in certificate verification
  - debian/patches/92_CVE-2006-7239.diff: update to verify hash
    algorithm is supported and not NULL
  - CVE-2006-7239