Format: 1.7 Date: Fri, 20 Feb 2009 13:05:18 -0600 Source: gnutls13 Binary: libgnutls-dev libgnutlsxx13 libgnutls13 gnutls-bin gnutls-doc libgnutls13-dbg Architecture: sparc_translations sparc Version: 1.6.3-1ubuntu0.4 Distribution: gutsy Urgency: low Maintainer: Ubuntu/sparc Build Daemon Changed-By: Jamie Strandboge Description: gnutls-bin - the GNU TLS library - commandline utilities libgnutls-dev - the GNU TLS library - development files libgnutls13 - the GNU TLS library - runtime library libgnutls13-dbg - GNU TLS library - debugger symbols libgnutlsxx13 - the GNU TLS library - C++ runtime library Launchpad-Bugs-Fixed: 305264 305264 Changes: gnutls13 (1.6.3-1ubuntu0.4) gutsy-security; urgency=low . * Fix for certificate chain regressions introduced by fixes for CVE-2008-4989 * debian/patches/91_CVE-2008-4989.diff: updated to upstream's final 2.4.2 - 2.4.3 patchset for lib/x509/verify.c to fix CVE-2008-4989 and address all known regressions. To summarize from upstream: - Fix X.509 certificate chain validation error (CVE-2008-4989) - Fix chain verification for chains that end with RSA-MD2 CAs (LP: #305264) - Deprecate X.509 validation chains using MD5 and MD2 signatures - Accept chains where intermediary certs are trusted (LP: #305264) Files: fd97b6d00477291ad341af559e4cb8c7 12177 raw-translations - gnutls13_1.6.3-1ubuntu0.4_sparc_translations.tar.gz 23a198307ffaaf9a0480bc79088d6d60 425482 libdevel optional libgnutls-dev_1.6.3-1ubuntu0.4_sparc.deb 769689cb86bc359443e1ca2941e62797 305172 libs important libgnutls13_1.6.3-1ubuntu0.4_sparc.deb c8fdbc6bbd15e22e64dc61e1561701a7 716456 devel extra libgnutls13-dbg_1.6.3-1ubuntu0.4_sparc.deb ccb3a8f9c120d8b8f96054a5f9aeab0b 202680 net optional gnutls-bin_1.6.3-1ubuntu0.4_sparc.deb 1503ddd952ff1defd20844724d1034f0 103762 libs optional libgnutlsxx13_1.6.3-1ubuntu0.4_sparc.deb Original-Maintainer: Debian GnuTLS Maintainers