ubuntu/+source/gnutls26:debian/wheezy

Last commit made on 2016-04-02
Get this branch:
git clone -b debian/wheezy https://git.launchpad.net/ubuntu/+source/gnutls26
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
debian/wheezy
Repository:
lp:ubuntu/+source/gnutls26

Recent commits

c11377f... by Salvatore Bonaccorso on 2016-01-08

Import patches-unapplied version 2.12.20-8+deb7u5 to debian/wheezy

Imported using git-ubuntu import.

Changelog parent: e4e7cca7e3856d8bf35b0d6cb15c6beb117f8d05

New changelog entries:
  * Non-maintainer upload by the Security Team.
  * Add 43_CVE-2015-7575.diff patch.
    CVE-2015-7575: MD5-based ServerKeyExchange signature accepted by
    default.
  * Non-maintainer upload by the Security Team.
  * Add 42_CVE-2015-8313.diff patch.
    CVE-2015-8313: Fixes off by one issue in padding check.

e4e7cca... by Salvatore Bonaccorso on 2015-03-13

Import patches-unapplied version 2.12.20-8+deb7u3 to debian/wheezy

Imported using git-ubuntu import.

Changelog parent: ffc72e0a19da7d392c3aef093d15c0e3ae0d01b5

New changelog entries:
  * Non-maintainer upload by the Security Team.
  * Add 40_CVE-2015-0294.diff patch.
    CVE-2015-0294: certificate algorithm consistency checking issue.
  * Add 41_CVE-2015-0282.diff patch.
    CVE-2015-0282: RSA PKCS#1 signature verification forgery
    (GNUTLS-SA-2015-1).

ffc72e0... by Andreas Metzler <email address hidden> on 2014-05-31

Import patches-unapplied version 2.12.20-8+deb7u2 to debian/wheezy

Imported using git-ubuntu import.

Changelog parent: 23e0d84fde9d478699ab88e388caa678a8469839

New changelog entries:
  * 39_Prevent-memory-corruption.diff from upstream GIT. Fix memory corruption
    on client side caused by specially crafted ServerHello.
    GNUTLS-SA-2014-3 / CVE-2014-3466

23e0d84... by Andreas Metzler <email address hidden> on 2014-03-01

Import patches-unapplied version 2.12.20-8+deb7u1 to debian/wheezy

Imported using git-ubuntu import.

Changelog parent: a0a93eee1f96b8dfab3a51b1db0b20d8f571e609

New changelog entries:
  * 38_CVE-2014-0092.diff by Nikos Mavrogiannopoulos: Fix certificate
    validation issue. CVE-2014-0092
  * 26_fix_rejection-of-v1-intermedi.diff pulled and unfuzzed from GIT 3.x:
    A version 1 intermediate certificate will be considered as a CA
    certificate by default (something that deviates from the documented
    behavior).
    CVE-2014-1959 / GNUTLS-SA-2014-1

a0a93ee... by Andreas Metzler <email address hidden> on 2013-05-24

Import patches-unapplied version 2.12.20-7 to debian/wheezy

Imported using git-ubuntu import.

Changelog parent: 584d1887a2d790662ed0dbe5132416fa7804c1e6

New changelog entries:
  * [36_sanitycheck.diff] from upstream GIT. - Fix out of bounds data access.
    Closes: #709301

584d188... by Andreas Metzler <email address hidden> on 2013-04-04

Import patches-unapplied version 2.12.20-6 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 8d43b89993c87d4eeb0ece90f1018221fb935760

New changelog entries:
  * For wheezy build gnutls-bin and guile-gnutls from this source package
    rather than from gnutls28. gnutls28 is a leaf-package in wheezy. Not
    shipping would mean a lot less work for the security team if there was a
    GnuTLS vulnerability. If wanted, it can be re-introduced via backports.
    The versioning trick has been copied from Ubuntu.
  * Since guile support would require building with --disable-largefile on
    armel armhf mipsel we do not provide the package there.

8d43b89... by Andreas Metzler <email address hidden> on 2013-03-22

Import patches-unapplied version 2.12.20-5 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 91f9e9f9a5012a47d909c154c6ef07532a09937c

New changelog entries:
  * Testbuild gnutls guile bindings, binary packages unchanged.

91f9e9f... by Andreas Metzler <email address hidden> on 2013-02-04

Import patches-unapplied version 2.12.20-4 to debian/sid

Imported using git-ubuntu import.

Changelog parent: b9a5e4b93d2cd583b78d11e370567104198cdd20

New changelog entries:
  * Pull fixes from 2.12.23:
    + 34_pkcs11_memleak.diff Eliminated memory leak in PCKS #11
      initialization.
    + 35_TLS-CBC_timing-attack.diff (GNUTLS-SA-2013-1) TLS CBC padding timing
      attack

b9a5e4b... by Andreas Metzler <email address hidden> on 2013-01-06

Import patches-unapplied version 2.12.20-3 to debian/sid

Imported using git-ubuntu import.

Changelog parent: cb805d2f5a5210328257a8e6fdf3eb6f2700bea5

New changelog entries:
  * Pull fixes from 2.12.22:
    +31_allow_key_usage_violation.diff: Always tolerate key usage violation
     errors from the side of the peer, but also notify via an audit message.
    +32_record-padding-parsing.patch: Fix record padding parsing issue.
    +33_stricter_rsa_pkcs_1.5.diff: Fixes random handshake failures with
     non-GnuTLS implementations.
    This brings us up to GnuTLS 2.12.22, except for these differences:
    - The equivalent change of 33_stricter_rsa_pkcs_1.5.diff for the nettle
      code is not included as it is not relevant for Debian's binary packages.
    - 0b9d8d6f21dad85038c6de36d8fbd56271263f64 Corrected bug in PGP subpacket
      encoding.
    - Compatibility with libtasn1 3.x, which would require libtasn1 >=2.14.
    - Updated gnulib.
  * Update watchfile, based on Bart Martens version from q.d.o, but use a)
    ftp.gnutls.org as mirror and b) limit the the match to 2.x versions.

cb805d2... by Andreas Metzler <email address hidden> on 2012-11-13

Import patches-unapplied version 2.12.20-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 8b00cc8dfa9e650d191f0f2355c60fa5d4b8dbd1

New changelog entries:
  * 30_strlen_on_null.diff: Fix segfault caused by running strlen() on NULL.
    Closes: #647747
  * Fix documentation packaging. gnutls-doc is built from the GnuTLS 3.x
    packages. Add a new gnutls26-doc package which drops manpages and info
    format documentation in favour of being co-installable with
    gnutls-doc.