Format: 1.8 Date: Fri, 06 Dec 2019 09:47:07 +0800 Source: mbedtls Architecture: source Version: 2.16.3-1.1~ubuntu16.04.1~ppa1 Distribution: xenial Urgency: high Maintainer: James Cowgill Changed-By: Hawk Closes: 857560 860302 873557 890287 890288 904821 915796 941265 Changes: mbedtls (2.16.3-1.1~ubuntu16.04.1~ppa1) xenial; urgency=medium . [ Andy Li ] * Set d/compat back to 9. * Disable parallel build. . [ Hawk ] * No-change backport to xenial . mbedtls (2.16.3-1) unstable; urgency=medium . * New upstream release. - Fixes CVE-2019-16910 - Side channel attack on deterministic ECDSA. (Closes: #941265) . * d/libmbedcrypto3.symbols: - Add new mbedtls_ecdsa_sign_det_ext symbol. . mbedtls (2.16.2-1) unstable; urgency=medium . * New upstream release. . * d/control: Use debhelper compat 12. * d/libmbedx509-0.symbols: Add new test symbols. * d/not-installed: Add file listing mbedTLS programs. . mbedtls (2.16.0-1) unstable; urgency=medium . * New upstream release. . * d/control: Bump standards to 4.3.0. * d/libmbedcrypto3.symbols, d/libmbedtls12.symbols: - Add new symbols found in 2.16. . mbedtls (2.14.1-2) unstable; urgency=medium . [ Aurelien Jarno ] * bn_mul.h: require at least ARMv6 to enable the ARM DSP code. - Fixes FTBFS on armel. . mbedtls (2.14.1-1) unstable; urgency=high . * New upstream release. - Fixes CVE-2018-19608 - Local timing attack on RSA decryption. (Closes: #915796) . * d/libmbedcrypto3.symbols, d/libmbedx509-0.symbols: - Add new symbols found in 2.14.1. . mbedtls (2.13.0-3) unstable; urgency=medium . * Upload to unstable. . mbedtls (2.13.0-2) experimental; urgency=medium . [ Ondřej Nový ] * d/tests: Use AUTOPKGTEST_TMP instead of ADTTMP. . [ James Cowgill ] * d/control: - Revert "Require all 3 mbedtls libraries to be the same version" to make the transition easier. * d/libmbed{crypto,tls}*.symbols: - Update all symbol versions to 2.13. . mbedtls (2.13.0-1) experimental; urgency=medium . * New upstream release. * Rename libraries due to upstream SONAME bump. . * d/control: - Remove obsolete Breaks from libmbedcrypto3. - Bump standards version. - Move faketime build-dependency to Build-Depends-Arch. - Build-depend on python3. * d/gbp.conf: Remove. * d/libmbedtls12.symbols: Symbol updates for 2.13. * d/rules: use sed to adjust config.h. * d/patches: Drop 02_revert-soversion-bumps.patch. * d/source: Add files for dgit-maint-merge workflow. . mbedtls (2.12.0-1) unstable; urgency=medium . * New upstream release. - Fixes CVE-2018-0497 and CVE-2018-0498. (Closes: #904821) . * debian/control: Bump standards version to 4.1.5. * debian/patches: Refresh patches. * debian/libmbedcrypto1.symbols: - Add new symbols. - Remove the internal mbedtls_threading_gmtime_mutex symbol. . mbedtls (2.11.0-1) unstable; urgency=medium . * New upstream release. . * debian/control: - Require all 3 mbedtls libraries to be the same version. * debian/patches: - Refresh 01_config.patch. - Update SOVERSION patch to revert changes from 2.11.0. * debian/*.symbols: - Add new public symbols in 2.11. - Update internal symbol versions. . mbedtls (2.9.0-2) unstable; urgency=medium . * Upload to unstable. * Revert libmbedcrypto ABI bump. - Add patch to revert upstream SOVERSION bump. - Revert package rename in 2.9.0-1. . mbedtls (2.9.0-1) experimental; urgency=medium . * New upstream release. * Rename libmbedcrypto1 to libmbedcrypto2 due to SONAME bump. . * debian/libmbedtls10.symbols: - Add new symbols. * debian/patches: - Refresh config patch. . mbedtls (2.8.0-1) unstable; urgency=medium . * New upstream release. . * debian/control: - Bump standards version to 4.1.4. - Set Rules-Requires-Root: no. * debian/libmbedcrypto1.symbols: - Add new symbols in 2.8. * debian/patches: - Refresh config patch. - Drop 02_dhm-Fix-typo-in-RFC-5114-constants.patch - applied upstream. * debian/rules: - Use /usr/share/dpkg/architecture.mk to get DEB_HOST_MULTIARCH. - Clean apidoc directory using debian/clean file. . mbedtls (2.7.0-2) unstable; urgency=medium . * Upload to unstable. * debian/patches/02_dhm-Fix-typo-in-RFC-5114-constants.patch: - Add patch to fix typo in RFC 5114 constants. . mbedtls (2.7.0-1) experimental; urgency=medium . * New upstream release. - Fixes CVE-2018-0488. (Closes: #890287) - Fixes CVE-2018-0487. (Closes: #890288) * Rename libmbedcrypto0 to libmbedcrypto1 due to SONAME bump. . * debian/compat: - Use debhelper compat 11. * debian/control: - Switch to salsa.debian.org Vcs URLs. - Bump standards version to 4.1.3. - Drop useless Testsuite field in debian/control. * debian/copyright: - Update copyright dates. * debian/libmbedtls-doc.*: - Fix various paths to work with the new documentation location used by debhelper 11. * debian/patches: - Refresh config patch. * debian/*.symbols: - Add symbols updates for libmbedtls10. - Rewrite symbols libmbedcrypto1 symbols file. . mbedtls (2.6.0-1) unstable; urgency=high . * New upstream version. - Fixes possible authentication bypass if a peer supplies a certificate chain with more than 8 intermediates. (Closes: #873557) . * debian/copyright: - Update copyright dates. - Use https Format URL. * debian/control: - Bump standards to 4.1.0 (no changes required). - Use debhelper compat 10. * debian/libmbedcrypto0.symbols: - Add new symbols from 2.6.0. * debian/patches: - Refresh config patch. - Drop all stubs patches - upstream reverted the ABI breakage. . mbedtls (2.5.1-1) unstable; urgency=medium . * New upstream version. . * debian/control: - Bump standards to 4.0.0 (no changes required). * debian/patches: - Refresh config patch. - Add patches to maintain the ABI. * debian/rules: - Enable static library build. (Closes: #860302) - Pass upstream release date to faketime instead of a fixed date. * debian/*.symbols: - Add new symbols from mbedTLS 2.5. * debian/tests: - Test static library in autopkgtests. . mbedtls (2.4.2-1) unstable; urgency=high . * New upstream version. - Fixes CVE-2017-2784 - freeing of memory allocated on the stack when validating a public key with a secp224k1 curve. (Closes: #857560) . * debian/rules: - Run testsuite inside faketime to prevent it suddenly failing in the future. Thanks Niels Thykier! . mbedtls (2.4.0-1) unstable; urgency=medium . * New upstream version. . * debian/control: - Mark libmbedtls-doc multi-arch foreign. * debian/libmbedtls10.symbols: - Add new symbols found in 2.4. * debian/patches: - Drop 02_ssl_time_t.patch - alternate fix applied upstream. - Refresh 01_config.patch. . mbedtls (2.3.0-1) unstable; urgency=medium . * New upstream version. . * debian/copyright: - Update dates and my email address. * debian/patches: - Refresh 01_config.patch. - Drop 02_x32.patch -- applied upstream. - Add 02_ssl_time_t.patch. Fixes compile error when including mbedtls/ssl.h. . mbedtls (2.2.1-3) unstable; urgency=medium . * debian/control: - Use my debian.org email address. - Bump standards to 3.9.8 (no changes). * debian/patches: - Add 02_x32.patch to fix FTBFS on x32. * debian/rules: - Enable all hardening options. Checksums-Sha1: 82789cf8a1a4056c3f12d2e5c6c5c25661f2f5ed 2282 mbedtls_2.16.3-1.1~ubuntu16.04.1~ppa1.dsc dce8550f8f9465f3aea44cb7d0f9d0ba8140034a 2553709 mbedtls_2.16.3.orig.tar.gz 8a9255f04db85f8c21bf04367d7797a7ccaa1b28 12780 mbedtls_2.16.3-1.1~ubuntu16.04.1~ppa1.debian.tar.xz 074c89b6c95e5b423b49795e81f83bc2ff1479c1 6214 mbedtls_2.16.3-1.1~ubuntu16.04.1~ppa1_source.buildinfo Checksums-Sha256: ba3a3a0bc89cf9ad18ea3dac74f15981e5ad7b5cf3c0b061c92e5a6be1660091 2282 mbedtls_2.16.3-1.1~ubuntu16.04.1~ppa1.dsc ec1bee6d82090ed6ea2690784ea4b294ab576a65d428da9fe8750f932d2da661 2553709 mbedtls_2.16.3.orig.tar.gz ec2e1681508a04f40d90cb77d82454f9ca950bd6a3e6cacd1074d0ce38edb524 12780 mbedtls_2.16.3-1.1~ubuntu16.04.1~ppa1.debian.tar.xz 5096514ae6299d8e0c34dffe308cb67ab458de38cba0345f8c378970bae80ef0 6214 mbedtls_2.16.3-1.1~ubuntu16.04.1~ppa1_source.buildinfo Files: 3bc2a067dd1168a17fe40d8f49dd289e 2282 libs optional mbedtls_2.16.3-1.1~ubuntu16.04.1~ppa1.dsc 90ce7c7a001d2514410280706b3ab1a7 2553709 libs optional mbedtls_2.16.3.orig.tar.gz b07f0d795d6628d32a22e4489863d4c1 12780 libs optional mbedtls_2.16.3-1.1~ubuntu16.04.1~ppa1.debian.tar.xz b2916c6ccf8715e591b0aaa50944d3f3 6214 libs optional mbedtls_2.16.3-1.1~ubuntu16.04.1~ppa1_source.buildinfo