-
p11-kit (0.23.2-5~ubuntu16.04.2) xenial-security; urgency=medium
* SECURITY UPDATE: multiple integer overflows
- debian/patches/CVE-2020-29361-1.patch: check for arithmetic overflows
before allocating in p11-kit/iter.c, p11-kit/lists.c,
p11-kit/proxy.c, p11-kit/rpc-message.c, p11-kit/rpc-message.h,
p11-kit/rpc-server.c, trust/index.c.
- debian/patches/CVE-2020-29361-2.patch: add reallocarray and follow-up
to arithmetic overflow fix in common/compat.c, common/compat.h,
p11-kit/rpc-message.c.
- CVE-2020-29361
* SECURITY UPDATE: heap over-read in the RPC protocol
- debian/patches/CVE-2020-29362.patch: fix bounds check in
p11-kit/rpc-message.c.
- CVE-2020-29362
-- Marc Deslauriers <email address hidden> Mon, 04 Jan 2021 14:18:11 -0500
-
p11-kit (0.23.2-5~ubuntu16.04.1) xenial-proposed; urgency=medium
* Backport to Ubuntu 16.04 LTS for improved manpages (LP: #1615449)
* Don't enable hardening flags to keep this change minimal.
p11-kit (0.23.2-5) unstable; urgency=medium
* Build and ship upstream manpages. (Thanks, Julien Cristau)
+ Add b-d on gtk-doc-tools.
+ Pass --enable-doc to ./configure.
+ Drop minimal debian/p11-kit.1 manpage.
Closes: #834992
p11-kit (0.23.2-4) unstable; urgency=medium
* Move Vcs-* from git/http to https.
* Improved package description by Justin B Rye. Closes: #822860
* Build with hardening=+all.
-- Jeremy Bicha <email address hidden> Sun, 21 Aug 2016 20:43:56 -0400
-
p11-kit (0.23.2-3) unstable; urgency=medium
* Migrate from -dbg package to ddebs. dh_strip's --ddeb-migration
option was added to debhelper/unstable with version 9.20150628, bump
build-dependency accordingly.
-- Andreas Metzler <email address hidden> Sun, 27 Dec 2015 13:15:04 +0100
-
p11-kit (0.23.2-2) unstable; urgency=medium
* Upload to unstable.
-- Andreas Metzler <email address hidden> Sun, 20 Dec 2015 13:35:49 +0100
-
p11-kit (0.23.1-3) unstable; urgency=medium
* Build-fixes for hurd by Pino Toscano:
+ 30_nogetauxvalonbsd.diff: Always use _p11_getauxval() helper.
+ 35_hurd_enable_secure.diff: Disable __libc_enable_secure usage on Hurd.
Closes: #792095
-- Andreas Metzler <email address hidden> Sat, 11 Jul 2015 11:53:04 +0200