lp:ubuntu/oneiric-updates/gnutls26
- Get this branch:
- bzr branch lp:ubuntu/oneiric-updates/gnutls26
Branch merges
Branch information
Recent revisions
- 31. By Marc Deslauriers
-
* SECURITY UPDATE: "Lucky Thirteen" timing side-channel TLS attack
- debian/patches/ CVE-2013- 1619.patch: avoid timing attacks in
lib/gnutls_ cipher. c, lib/gnutls_ hash_int. h.
- CVE-2013-1619 - 30. By Thorsten Glaser
-
Apply upstream patch to fix validation of certificates when more than
one with the same short hash exists in the CA bundle (LP: #1003841). - 29. By Tyler Hicks
-
* SECURITY UPDATE: Denial of service in client application
- debian/patches/ CVE-2011- 4128.patch: Fix buffer bounds check when copying
session data. Based on upstream patch.
- CVE-2011-4128
* SECURITY UPDATE: Denial of service via crafted TLS record
- debian/patches/ CVE-2012- 1573.patch: Validate the size of a
GenericBlockCipher structure as it is processed. Based on upstream
patch.
- CVE-2012-1573 - 28. By Colin Watson
-
* Backport from Debian (Andreas Metzler, LP: #829467):
- [20_gcrypt15compat.diff] Fix compatibility with gcrypt 1.5. - 27. By Steve Langasek
-
debian/
libgnutlsxx26. install, debian/control: convert libgnutlsxx26
for multiarch as well. - 26. By Steve Langasek
-
* Merge from Debian unstable, remaining changes:
- Fix build failure with --no-add-needed.
- Build for multiarch.
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/precise/gnutls26