ubuntu/+source/gnutls26:applied/ubuntu/maverick-security

Last commit made on 2012-04-05
Get this branch:
git clone -b applied/ubuntu/maverick-security https://git.launchpad.net/ubuntu/+source/gnutls26
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
applied/ubuntu/maverick-security
Repository:
lp:ubuntu/+source/gnutls26

Recent commits

4cd2a10... by Tyler Hicks on 2012-04-04

Import patches-applied version 2.8.6-1ubuntu0.1 to applied/ubuntu/maverick-security

Imported using git-ubuntu import.

Changelog parent: 2860b567713cbcae9d661385bdd8a366af694f56
Unapplied parent: 49d917b72f3da0a3c78f105d9c106c819d813c97

New changelog entries:
  * SECURITY UPDATE: Denial of service in client application
    - debian/patches/CVE-2011-4128.patch: Fix buffer bounds check when copying
      session data. Based on upstream patch.
    - CVE-2011-4128
  * SECURITY UPDATE: Denial of service via crafted TLS record
    - debian/patches/CVE-2012-1573.patch: Validate the size of a
      GenericBlockCipher structure as it is processed. Based on upstream
      patch.
    - CVE-2012-1573

49d917b... by Tyler Hicks on 2012-04-04

Validate record size when parsing GenericBlockCipher structure

Gbp-Pq: CVE-2012-1573.patch.

cd936d6... by Tyler Hicks on 2012-04-04

Check buffer size passed in from caller prior to overwriting it

Gbp-Pq: CVE-2011-4128.patch.

b5b27fe... by Tyler Hicks on 2012-04-04

16_unnecessarydep.diff

No DEP3 Subject or Description header found

Gbp-Pq: 16_unnecessarydep.diff.

487da90... by Tyler Hicks on 2012-04-04

15_fixgnutlspc.diff

No DEP3 Subject or Description header found

Gbp-Pq: 15_fixgnutlspc.diff.

0ad61c2... by Tyler Hicks on 2012-04-04

14_version_gettextcat.diff

No DEP3 Subject or Description header found

Gbp-Pq: 14_version_gettextcat.diff.

d8a8637... by Tyler Hicks on 2012-04-04

Import patches-unapplied version 2.8.6-1ubuntu0.1 to ubuntu/maverick-security

Imported using git-ubuntu import.

Changelog parent: 6f39b49f19af47ac165fd6709a220dec4ebf5eee

New changelog entries:
  * SECURITY UPDATE: Denial of service in client application
    - debian/patches/CVE-2011-4128.patch: Fix buffer bounds check when copying
      session data. Based on upstream patch.
    - CVE-2011-4128
  * SECURITY UPDATE: Denial of service via crafted TLS record
    - debian/patches/CVE-2012-1573.patch: Validate the size of a
      GenericBlockCipher structure as it is processed. Based on upstream
      patch.
    - CVE-2012-1573

2860b56... by Andreas Metzler <email address hidden> on 2010-03-20

Import patches-applied version 2.8.6-1 to applied/debian/sid

Imported using git-ubuntu import.

Changelog parent: 9a256feff2ee41dca6eb040d43bf3359b1fa388e
Unapplied parent: 4b582c0e5ca416eac96d8e025b6b44a5efb617ba

New changelog entries:
  * Use dh_lintian.
  * Use dh_makeshlibs for the guile stuff, too. This gets us
    a) ldconfig in postinst. Closes: #553109
    and
    b) a shlibs file.
    However the shared objects /usr/lib/libguile-gnutls*so* are still not
    designed to be used as libraries (linking) but are dlopened. guile-1.10
    will address this issue by keeping this stuff in a private directory.
  * hotfix pkg-config files (proper fix to be included upstream).
  * Stop unneeeded linkage against libgpg-error. 16_unnecessarydep.diff

6f39b49... by Andreas Metzler <email address hidden> on 2010-03-20

Import patches-unapplied version 2.8.6-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: addd175efeafd97c4279b3220373f1d9fd753bf8

New changelog entries:
  * Use dh_lintian.
  * Use dh_makeshlibs for the guile stuff, too. This gets us
    a) ldconfig in postinst. Closes: #553109
    and
    b) a shlibs file.
    However the shared objects /usr/lib/libguile-gnutls*so* are still not
    designed to be used as libraries (linking) but are dlopened. guile-1.10
    will address this issue by keeping this stuff in a private directory.
  * hotfix pkg-config files (proper fix to be included upstream).
  * Stop unneeeded linkage against libgpg-error. 16_unnecessarydep.diff

4b582c0... by Andreas Metzler <email address hidden> on 2010-03-20

16_unnecessarydep.diff

No DEP3 Subject or Description header found

Gbp-Pq: 16_unnecessarydep.diff.