ubuntu/+source/gnutls26:ubuntu/lucid

Last commit made on 2009-12-21
Get this branch:
git clone -b ubuntu/lucid https://git.launchpad.net/ubuntu/+source/gnutls26
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
ubuntu/lucid
Repository:
lp:ubuntu/+source/gnutls26

Recent commits

addd175... by Andreas Metzler <email address hidden> on 2009-11-13

Import patches-unapplied version 2.8.5-2 to debian/squeeze

Imported using git-ubuntu import.

Changelog parent: 3ea93765b1ef302a17c8c8c9d986f29cd94689e7

New changelog entries:
  * Add a huge bunch of lintian overrides for the guile stuff to make dak
    happy.
  * Add datefudge to build-depends. (Only needed for the pkcs1-pad test.)
  * Switch to '3.0 (quilt)' source format, allowing us to use upstreams
    orig.tar.bz2 without repacking it to gz.
  * New upstream version.
    + Drop patches/20_fixtimebomb.diff.

3ea9376... by Andreas Metzler <email address hidden> on 2009-11-01

Import patches-unapplied version 2.8.4-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: b6604433b270ead2a6e272a51a102293fbaa1768

New changelog entries:
  * [20_fixtimebomb.diff] Fix testsuite error. Closes: #552920

b660443... by Andreas Metzler <email address hidden> on 2009-09-26

Import patches-unapplied version 2.8.4-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 4120826d4d766578b8027dd860830fb15cb70e6b

New changelog entries:
  * New upstream version.
    + Drop debian/patches/15_openpgp.diff.
  * Sync priorities with override file, libgnutls26 has been bumped from
    important to standard.

4120826... by Andreas Metzler <email address hidden> on 2009-09-05

Import patches-unapplied version 2.8.3-3 to debian/sid

Imported using git-ubuntu import.

Changelog parent: bd4dcbca3a7d045b77287b6175f0cf67ba890944

New changelog entries:
  * Empty dependency_libs in la-files. (Squeeze release goal.)

bd4dcbc... by Andreas Metzler <email address hidden> on 2009-08-22

Import patches-unapplied version 2.8.3-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 85698c80bd630b92c170485b3829499fba7f61c9

New changelog entries:
  * [ debian/patches/15_openpgp.diff ] The CVE-2009-2730 patch broke
    openpgp connections.

85698c8... by Andreas Metzler <email address hidden> on 2009-08-14

Import patches-unapplied version 2.8.3-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 0a24734df340c16ef5c4f78676767973e67bf175

New changelog entries:
  * New upstream version.
    + Stops hardcoding a hard dependency on the versions of gcrypt and tasn it
      was built against. Closes: #540449
    + Fixes CVE-2009-2730, a vulnerability related to NUL bytes in X.509
      certificate name fields. Closes: #541439 GNUTLS-SA-2009-4
      http://lists.gnu.org/archive/html/help-gnutls/2009-08/msg00011.html
  * Drop 15_chainverify_expiredcert.diff, included upstream.
  * Urgency high, since 541439 applies to testing, too.

0a24734... by Andreas Metzler <email address hidden> on 2009-08-06

Import patches-unapplied version 2.8.1-2 to debian/sid

Imported using git-ubuntu import.

Changelog parent: a2f09f99a0cc37fbe4092e830adf12be0939befe

New changelog entries:
  [ Simon Josefsson ]
  * Remove cruft in rules file.
  * Remove patches/15_tasn1inpc.diff, not needed.
  [ Andreas Metzler ]
  * Finally add an entry to the NEWS.Debian file concerning the deprecation of
    RSA-MD2 and RSA-MD5 for signature verification. Closes: #514578
  * Upload to unstable.
  * 15_chainverify_expiredcert.diff: New patch, pulled from upstream GIT.
    Fix testsuite error caused by expired certificate.

a2f09f9... by Andreas Metzler <email address hidden> on 2009-06-11

Import patches-unapplied version 2.8.1-1 to debian/experimental

Imported using git-ubuntu import.

Changelog parent: 5f0ec42e76bfdcf0da62d02116cf28e23e071565

New changelog entries:
  * New upstream stable release.
  * [debian/control] set section setting of source package to libs instead of
    devel.
  * New upstream version.
    + Drop debian/patches/16_symbolversioning_fix.diff, included upstream.
    + Bump shlibs, new symbols added.

5f0ec42... by Andreas Metzler <email address hidden> on 2009-05-21

Import patches-unapplied version 2.7.12-1 to debian/experimental

Imported using git-ubuntu import.

Changelog parent: e0915443fbc662786e91620fd54af752897845bb

New changelog entries:
  * Fix typo in changelog. Closes: #526427
  * New upstream release.
    + Does not ship the scripts libgnutls-extra-config and libgnutls-config
      and the .m4 snippet to use it anymore. Please switch to pkg-config or
      standard autoconf test. Drop manpages and
      both patches/13_lessdeps_gnutls-config.diff and
      patches/13_lessdeps_gnutls-config.diff from the debian diff.
    + Update remaining patches.
    + Bump shlibs, new symbols added.
  * [patches/16_symbolversioning_fix.diff] Since gnutls_x509_crq_set_key was
    already present in 2.6.x it needs to be versioned GNUTLS_1_4 instead of
    GNUTLS_2_8.
  * New upstream uses separate ./configure scripts for the different
    libraries. Invoke the main ./configure script with
    --cache-file=$(CURDIR)/config.cache to speed things up.

e091544... by Andreas Metzler <email address hidden> on 2009-04-30

Import patches-unapplied version 2.6.6-1 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 2964926766812f6b638ef7c25a80d5980921c045

New changelog entries:
  * use @LTLIBTASN1@ instead of @LIBTASN1@ in Libs.private of *.pc.in. This
    way lib-link.m4 gives us -ltasn1 instead of /usr/lib/libtasn1.so.
  * New upstream security release.
    + libgnutls: Corrected double free on signature verification failure.
      GNUTLS-SA-2009-1 CVE-2009-1415
    + libgnutls: Fix DSA key generation. Noticed when investigating the
      previous GNUTLS-SA-2009-1 problem. All DSA keys generated using GnuTLS
      2.6.x are corrupt. See the advisory for more details.
      GNUTLS-SA-2009-2 CVE-2009-1416
    + libgnutls: Check expiration/activation time on untrusted certificates.
      Before the library did not check activation/expiration times on
      certificates, and was documented as not doing so.
      GNUTLS-SA-2009-3 CVE-2009-1417
   * The former two issues only apply to gnutls 2.6.x. The latter is a
     brehavior change, add a NEWS.Debian file to document it.