lp:ubuntu/utopic/gnutls26

Branch merges

Propose for merging

No branches dependent on this one.

Related source package recipes

No recipes using this branch. (?)

Create packaging recipe

Related snap packages

Related bugs

Related blueprints

46. By Marc Deslauriers on 2014-06-01

* SECURITY UPDATE: memory corruption due to server hello parsing
  - debian/patches/CVE-2014-3466.patch: validate session_id_len in
    lib/gnutls_handshake.c.
  - CVE-2014-3466

45. By Dimitri John Ledkov on 2014-05-08

* Merge with Debian; remaining changes:
  - Drop the sipsak Breaks on armhf back to (<= 0.9.6-2.1), which is
    sufficient for Ubuntu. The former versioning rendered sipsak
    uninstallable.
  - Link test-lock and test-thread_create with -Wl,--no-as-needed; see
    https://lists.gnu.org/archive/html/bug-gnulib/2013-10/msg00017.html.
  - debian/patches/99_update-libtool.patch: Update libtool.m4
  - debian/rules: Set CC on cross-builds, so autoconf doesn't lose its mind.

* Dropped changes:
  - gnutls-bin is now going to be build from gnutls28 package, as it is
  now GPLv2 compatible.
  - security upload, included in debian.

44. By Marc Deslauriers on 2014-03-03

* SECURITY UPDATE: certificate validation bypass
  - debian/patches/CVE-2014-0092.patch: correct return codes in
    lib/x509/verify.c.
  - CVE-2014-0092

43. By Matthias Klose on 2014-02-27

* Merge with Debian; remaining changes:
  - Build gnutls-bin from this source package rather than from gnutls28:
    gnutls28's licensing is currently too strict for many of the free
    software packages built against it in Ubuntu main and we only want to
    support a single version. Bump its version to achieve this.
  - Drop the sipsak Breaks on armhf back to (<= 0.9.6-2.1), which is
    sufficient for Ubuntu. The former versioning rendered sipsak
    uninstallable.
  - Link test-lock and test-thread_create with -Wl,--no-as-needed; see
    https://lists.gnu.org/archive/html/bug-gnulib/2013-10/msg00017.html.
  - debian/patches/99_update-libtool.patch: Update libtool.m4
  - debian/rules: Set CC on cross-builds, so autoconf doesn't lose its mind.

42. By Marc Deslauriers on 2014-02-24

* SECURITY UPDATE: incorrect v1 intermediate cert handling
  - debian/patches/CVE-2014-1959.patch: don't consider a v1 intermediate
    cert to be a valid CA by default in lib/x509/verify.c.
  - CVE-2014-1959

41. By Adam Conrad on 2013-12-04

* 25_updatedgdocfrommaster.diff - Update gdoc script from gnutls master to
  fix spurious build failure with perl 5.18. Closes: #724167
* debian/patches/99_update-libtool.patch: Update libtool.m4
* debian/rules: Set CC on cross-builds, so autoconf doesn't lose its mind.

40. By Colin Watson on 2013-10-07

Link test-lock and test-thread_create with -Wl,--no-as-needed; see
https://lists.gnu.org/archive/html/bug-gnulib/2013-10/msg00017.html.
Based on a similar change by Matthias Klose in libidn.

39. By Marc Deslauriers on 2013-05-27

* SECURITY UPDATE: denial of service via incorrect pad
  - debian/patches/CVE-2013-2116.patch: added sanity check in
    lib/gnutls_cipher.c.
  - CVE-2013-2116

38. By Timo Aaltonen on 2013-03-07

* Merge from debian-experimental, remaining changes:
  - Build gnutls-bin from this source package rather than from gnutls28:
    gnutls28's licensing is currently too strict for many of the free
    software packages built against it in Ubuntu main and we only want to
    support a single version. Bump its version to achieve this.
* Drop gnulib-gets.diff: upstream.

37. By Colin Watson on 2012-12-06

* Resynchronise with Debian. Remaining changes:
  - Build gnutls-bin from this source package rather than from gnutls28:
    gnutls28's licensing is currently too strict for many of the free
    software packages built against it in Ubuntu main and we only want to
    support a single version. Bump its version to achieve this.
* Avoid assuming that gets is declared.