ubuntu/+source/gnutls26:ubuntu/saucy-devel

Last commit made on 2014-06-02
Get this branch:
git clone -b ubuntu/saucy-devel https://git.launchpad.net/ubuntu/+source/gnutls26
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
ubuntu/saucy-devel
Repository:
lp:ubuntu/+source/gnutls26

Recent commits

853eec2... by Marc Deslauriers on 2014-06-01

Import patches-unapplied version 2.12.23-1ubuntu4.3 to ubuntu/saucy-security

Imported using git-ubuntu import.

Changelog parent: 13754c10a8e8c785b2f58bc7e2d4ba0bb5abf2dd

New changelog entries:
  * SECURITY UPDATE: memory corruption due to server hello parsing
    - debian/patches/CVE-2014-3466.patch: validate session_id_len in
      lib/gnutls_handshake.c.
    - CVE-2014-3466

13754c1... by Marc Deslauriers on 2014-03-03

Import patches-unapplied version 2.12.23-1ubuntu4.2 to ubuntu/saucy-security

Imported using git-ubuntu import.

Changelog parent: e0f845e2234112498e544864b3f99d4e934eff77

New changelog entries:
  * SECURITY UPDATE: certificate validation bypass
    - debian/patches/CVE-2014-0092.patch: correct return codes in
      lib/x509/verify.c.
    - CVE-2014-0092

e0f845e... by Marc Deslauriers on 2014-02-24

Import patches-unapplied version 2.12.23-1ubuntu4.1 to ubuntu/saucy-security

Imported using git-ubuntu import.

Changelog parent: da00ba4b99fc17286d05bc4fb4c0292507dce2ce

New changelog entries:
  * SECURITY UPDATE: incorrect v1 intermediate cert handling
    - debian/patches/CVE-2014-1959.patch: don't consider a v1 intermediate
      cert to be a valid CA by default in lib/x509/verify.c.
    - CVE-2014-1959

da00ba4... by Colin Watson on 2013-10-07

Import patches-unapplied version 2.12.23-1ubuntu4 to ubuntu/saucy-proposed

Imported using git-ubuntu import.

Changelog parent: 3a11b07f57f7362ef28a125d9cc410930aab6fcc

New changelog entries:
  * Link test-lock and test-thread_create with -Wl,--no-as-needed; see
    https://lists.gnu.org/archive/html/bug-gnulib/2013-10/msg00017.html.
    Based on a similar change by Matthias Klose in libidn.

3a11b07... by Colin Watson on 2013-10-04

Import patches-unapplied version 2.12.23-1ubuntu3 to ubuntu/saucy-proposed

Imported using git-ubuntu import.

Changelog parent: fbb733928c7c95abb2d60c0c605a61214c31dfc5

New changelog entries:
  * Drop the sipsak Breaks on armhf back to (<= 0.9.6-2.1), which is
    sufficient for Ubuntu. The former versioning rendered sipsak
    uninstallable.

fbb7339... by Marc Deslauriers on 2013-05-27

Import patches-unapplied version 2.12.23-1ubuntu2 to ubuntu/saucy-proposed

Imported using git-ubuntu import.

Changelog parent: efb32a9bc235a8288f5d86f3943ba548586614f4

New changelog entries:
  * SECURITY UPDATE: denial of service via incorrect pad
    - debian/patches/CVE-2013-2116.patch: added sanity check in
      lib/gnutls_cipher.c.
    - CVE-2013-2116

efb32a9... by Timo Aaltonen on 2013-03-07

Import patches-unapplied version 2.12.23-1ubuntu1 to ubuntu/raring-proposed

Imported using git-ubuntu import.

Changelog parent: 948ae37d556f956c660a8b0b8c673060dfb9b287

New changelog entries:
  * Merge from debian-experimental, remaining changes:
    - Build gnutls-bin from this source package rather than from gnutls28:
      gnutls28's licensing is currently too strict for many of the free
      software packages built against it in Ubuntu main and we only want to
      support a single version. Bump its version to achieve this.
  * Drop gnulib-gets.diff: upstream.

948ae37... by Andreas Metzler <email address hidden> on 2013-02-06

Import patches-unapplied version 2.12.23-1 to debian/experimental

Imported using git-ubuntu import.

Changelog parent: 2150cce21f8e2954bd3816e5d6ab2d826f093dc1

New changelog entries:
  * New upstream version.
    + Includes fix for lucky thirteen TLS CBC padding timing
      attack. CVE-2013-0169 CVE-2013-1619 GNUTLS-SA-2013-1

2150cce... by Andreas Metzler <email address hidden> on 2013-01-06

Import patches-unapplied version 2.12.22-1 to debian/experimental

Imported using git-ubuntu import.

Changelog parent: f5077e6254a4c655bd29e7118d2f74cb52be42e0

New changelog entries:
  * Update watchfile, based on Bart Martens version from q.d.o, but use a)
    ftp.gnutls.org as mirror and b) limit the the match to 2.x versions.
  * New upstream version.
    + Drop 30_strlen_on_null.diff.

f5077e6... by Andreas Metzler <email address hidden> on 2012-11-18

Import patches-unapplied version 2.12.21-4 to debian/experimental

Imported using git-ubuntu import.

Changelog parent: c48cacd84e8a5fca8b30a5c93683c786bae3301b

New changelog entries:
  * 30_strlen_on_null.diff: Pulled from upstream git. Fix segfault caused
    by running strlen() on NULL. Closes: #647747