lp:ubuntu/saucy-updates/gnutls26
- Get this branch:
- bzr branch lp:ubuntu/saucy-updates/gnutls26
Branch merges
Branch information
Recent revisions
- 43. By Marc Deslauriers
-
* SECURITY UPDATE: memory corruption due to server hello parsing
- debian/patches/ CVE-2014- 3466.patch: validate session_id_len in
lib/gnutls_ handshake. c.
- CVE-2014-3466 - 42. By Marc Deslauriers
-
* SECURITY UPDATE: certificate validation bypass
- debian/patches/ CVE-2014- 0092.patch: correct return codes in
lib/x509/verify. c.
- CVE-2014-0092 - 41. By Marc Deslauriers
-
* SECURITY UPDATE: incorrect v1 intermediate cert handling
- debian/patches/ CVE-2014- 1959.patch: don't consider a v1 intermediate
cert to be a valid CA by default in lib/x509/verify.c.
- CVE-2014-1959 - 40. By Colin Watson
-
Link test-lock and test-thread_create with -Wl,--no-as-needed; see
https://lists. gnu.org/ archive/ html/bug- gnulib/ 2013-10/ msg00017. html.
Based on a similar change by Matthias Klose in libidn. - 39. By Marc Deslauriers
-
* SECURITY UPDATE: denial of service via incorrect pad
- debian/patches/ CVE-2013- 2116.patch: added sanity check in
lib/gnutls_ cipher. c.
- CVE-2013-2116 - 38. By Timo Aaltonen
-
* Merge from debian-
experimental, remaining changes:
- Build gnutls-bin from this source package rather than from gnutls28:
gnutls28's licensing is currently too strict for many of the free
software packages built against it in Ubuntu main and we only want to
support a single version. Bump its version to achieve this.
* Drop gnulib-gets.diff: upstream. - 37. By Colin Watson
-
* Resynchronise with Debian. Remaining changes:
- Build gnutls-bin from this source package rather than from gnutls28:
gnutls28's licensing is currently too strict for many of the free
software packages built against it in Ubuntu main and we only want to
support a single version. Bump its version to achieve this.
* Avoid assuming that gets is declared. - 36. By Thorsten Glaser
-
Apply upstream patch to fix validation of certificates when more than
one with the same short hash exists in the CA bundle (LP: #1003841). - 35. By Tyler Hicks
-
* SECURITY UPDATE: Denial of service via crafted TLS record (LP: #978661)
- debian/patches/ CVE-2012- 1573.patch: Validate the size of a
GenericBlockCipher structure as it is processed. Based on upstream
patch.
- CVE-2012-1573
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/trusty/gnutls26