lp:ubuntu/gutsy-updates/gnutls13

Created by James Westby and last modified
Get this branch:
bzr branch lp:ubuntu/gutsy-updates/gnutls13

Branch information

Owner:
Ubuntu branches
Status:
Development

Recent revisions

12. By Jamie Strandboge

* Fix for regression where some valid certificate chains would be untrusted
  - Update debian/patches/91_CVE-2008-4989.diff to check if last certificate
    is self-signed and prevent verifying self-signed certificates against
    themselves. Patch from upstream.
  - http://lists.gnu.org/archive/html/gnutls-devel/2008-12/msg00008.html
  - LP: #305264

11. By Jamie Strandboge

* SECURITY UPDATE: Fix for man-in-the-middle attack in certificate
  validation
  - debian/patches/91_CVE-2008-4989.diff: don't remove the last certificate
    if it is self-signed in lib/x509/verify.c
  - http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3215
  - http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3248
  - CVE-2008-4989

10. By Kees Cook

* SECURITY UPDATE: multiple remote denial of service.
* debian/patches/90_GNUTLS-SA-2008-1.diff: upstream fixes, thanks to Debian.
* References
  GNUTLS-SA-2008-1
  CVE-2008-1948, CVE-2008-1949, CVE-2008-1950

9. By LaMont Jones

Trigger rebuild for hppa.

8. By Andreas Metzler

* New upstream version, pulling selected fixes and features from 1.7.x.
* Bump shlibs.

7. By Andreas Metzler

Switch to liblzo2. (Thanks, Peter Eisentraut) (Closes: #423332)

6. By Andreas Metzler

* New upstream version
  - Really Closes: #403887 libgnutls fails to parse OpenSSL generated
    certificates, since it contains a regenerated pkix_asn1_tab.c.
  - Ship German translation. Closes: #392857

5. By Matthias Klose

Rebuild for changes in the amd64 toolchain.

4. By Andreas Metzler

Pulled /patches/18_negotiate_cypher.diff from 1.4.5:
When a GnuTLS server receives an SSLv2 Client Hello for an unknown TLS
version, try to negotiate the highest version supported by the GnuTLS
server, instead of the lowest.

3. By Martin Pitt

* SECURITY UPDATE: Signature forgery.
* Add debian/patches/00CVS_CVE-2006-4790.patch:
  - Check excessive data in padding of PKCS #1 v1.5 signatures to prevent
    applications from incorrectly verifying the certificate. (Similar to
    recent OpenSSL update.)
  - Patch taken from upstream CVS:
    http://lists.gnupg.org/pipermail/gnutls-dev/2006-September/001212.html
  - CVE-2006-4790

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)