lp:ubuntu/jaunty-security/gnutls26

Created by James Westby and last modified
Get this branch:
bzr branch lp:ubuntu/jaunty-security/gnutls26

Branch information

Owner:
Ubuntu branches
Review team:
Ubuntu Development Team
Status:
Mature

Recent revisions

13. By Jamie Strandboge

* SECURITY UPDATE: fix improper handling of '\0' in Common Name (CN) and
  Subject Alternative Name (SAN) in X.509 certificates (LP: #413136)
  - debian/patches/26_CVE-2009-2730.diff: verify length of CN and SAN
    are what we expect and error out if either contains an embedded \0
  - CVE-2009-2730

12. By Andreas Metzler

* New patches, syncing with 2.4.3 upstream oldstable release:
  + 24_intermedcertificate.patch If a non-root certificate is trusted
    gnutls certificate verification stops there instead of checking
    up to the root of the certificate chain.
  + 22_whitespace.patch - Whitespace only changes, to make it possible to
    apply upstream fixes without manual changes.
  + 25_bufferoverrun.patch. Fix buffer overrun bug in
    gnutls_x509_crt_list_import.
    http://news.gmane.org/find-root.php?message_id=%3c000001c91d6e%2463059c90%242910d5b0%24%40com%3e

11. By Andreas Metzler

* Pull two patches from upstream stable branch to make gnutls behavior
  match documentation:
  + patch 23_permit_v1_CA.diff: Accept v1 x509 CA
    certs if GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA_CRT and/or
    GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT were supplied. Closes: #509593
  + 22_deprecate_md2_md5_x509_validation.diff: Verifying untrusted X.509
    certificates signed with RSA-MD2 or RSA-MD5 will now fail with a
    GNUTLS_CERT_INSECURE_ALGORITHM verification output.

10. By Andreas Metzler

* Add Simon Josefsson to uploaders.
* Another fix for the verification fix. Some correct certificate chains were
  not recognized as verified. Closes: #507633

9. By Andreas Metzler

Fix a crash on trying to verify self-signed certificates introduced by the
patch for CVE-2008-4989. Closes: #505279

8. By Andreas Metzler

[CVE-2008-4989.diff] Fix man in the middle attack for certificate
verification. CVE-2008-4989 GNUTLS-SA-2008-3

7. By Andreas Metzler

* New upstream bugfix release.
* Up to date gnutls-cli manpage. Closes: #492775

6. By Martin Pitt

Rebuild against thread-enabled guile-1.8.

5. By Andreas Metzler

New upstream version, fixing a local denial of service vulnerability only
present in >= 2.3.5. GNUTLS-SA-2008-2 CVE-2008-2377

4. By Andreas Metzler

* Standards version 3.8.0. Rename README.source_and_patches to README.source.
* Upload to unstable.
* Point watchfile to stable releases again.
* Merge experimental and unstable changelog.

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:ubuntu/karmic/gnutls26