Ubuntu
gnutls26 package

Change logs for gnutls26 source package in Jaunty

  1. Jaunty (9.04)
  2. Change log 
  • gnutls26 (2.4.2-6ubuntu0.1) jaunty-security; urgency=low

  * SECURITY UPDATE: fix improper handling of '\0' in Common Name (CN) and
    Subject Alternative Name (SAN) in X.509 certificates (LP: #413136)
    - debian/patches/26_CVE-2009-2730.diff: verify length of CN and SAN
      are what we expect and error out if either contains an embedded \0
    - CVE-2009-2730

 -- Jamie Strandboge <email address hidden>   Fri, 14 Aug 2009 14:01:09 -0500
  • gnutls26 (2.4.2-6) unstable; urgency=medium

  * New patches, syncing with 2.4.3 upstream oldstable release:
    + 24_intermedcertificate.patch If a non-root certificate ist trusted
      gnutls certificateificate verification stops there instead of checking
      up to the root of the certificate chain.
    + 22_whitespace.patch - Whitespace only changes, to make it possible to
      apply upstream fixes without manual changes. 
    + 25_bufferoverrun.patch. Fix buffer overrun bug in
      gnutls_x509_crt_list_import.
      http://news.gmane.org/find-root.php?message_id=%3c000001c91d6e%2463059c90%242910d5b0%24%40com%3e

 -- Jamie Strandboge <email address hidden>   Fri,  20 Feb 2009 20:10:15 +0000
  • gnutls26 (2.4.2-5) unstable; urgency=low

  * Pull two patches from upstream stable branch to make gnutls behavior
    match documentation:
   + patch 23_permit_v1_CA.diff:Accept v1 x509 CA
     certs if GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA_CRT and/or
     GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT were supplied. Closes: #509593
   + 22_deprecate_md2_md5_x509_validation.diff: Verifying untrusted X.509
     certificates signed with RSA-MD2 or RSA-MD5 will now fail with a
     GNUTLS_CERT_INSECURE_ALGORITHM verification output.

 -- Ubuntu Archive Auto-Sync <email address hidden>   Mon,  09 Feb 2009 08:56:25 +0000
  • gnutls26 (2.4.2-4) unstable; urgency=medium

  * Add Simon Josefsson to uploaders.
  * Another fix for the verification fix. Some correct certificate chains were
    not recognized as verified. Closes: #507633

 -- Ubuntu Archive Auto-Sync <email address hidden>   Sat,  06 Dec 2008 22:02:24 +0000
  • gnutls26 (2.4.2-3) unstable; urgency=low

  * Fix a crash on trying to verify self-signed certificates introduced by the
    patch for CVE-2008-4989. Closes: #505279

 -- Ubuntu Archive Auto-Sync <email address hidden>   Thu,  13 Nov 2008 10:59:19 +0000
  • gnutls26 (2.4.2-2) unstable; urgency=medium

  * [CVE-2008-4989.diff] Fix man in the middle attack for certificate
    verification. CVE-2008-4989 GNUTLS-SA-2008-3

 -- Ubuntu Archive Auto-Sync <email address hidden>   Tue,  11 Nov 2008 11:08:06 +0000
  • gnutls26 (2.4.2-1) unstable; urgency=low

  * New upstream bugfix release.
  * Up to date gnutls-cli manpage. Closes: #492775

 -- Ubuntu Archive Auto-Sync <email address hidden>   Tue,  04 Nov 2008 21:24:21 +0000
  • gnutls26 (2.4.1-1build1) intrepid; urgency=low

  * Rebuild against thread-enabled guile-1.8.

 -- Martin Pitt <email address hidden>   Wed, 06 Aug 2008 14:18:59 +0000