gnutls12 1.2.9-2ubuntu1.7 source package in Ubuntu
Changelog
gnutls12 (1.2.9-2ubuntu1.7) dapper-security; urgency=low * SECURITY UPDATE: fix improper handling of '\0' in Common Name (CN) and Subject Alternative Name (SAN) in X.509 certificates (LP: #413136) - debian/patches/91_CVE-2009-2730.diff: verify length of CN and SAN are what we expect and error out if either contains an embedded \0. This fixed required fixing gnutls_x509_crt_check_hostname() to not "treat absence of CN in subject as a successful RFC 2818 hostname" This fix also required updating _gnutls_hostname_compare() in lib/x509/rfc2818_hostname.c to support wide wildcard hostname and ip address matching. This is a backward compatible change and which only adds additional matching of hostnames. - CVE-2009-2730 -- Jamie Strandboge <email address hidden> Tue, 18 Aug 2009 14:21:17 -0500
Upload details
- Uploaded by:
- Jamie Strandboge
- Uploaded to:
- Dapper
- Original maintainer:
- Matthias Urlichs
- Architectures:
- any
- Section:
- devel
- Urgency:
- Low Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
gnutls12_1.2.9.orig.tar.gz | 3.2 MiB | b0613f143b47f6811fbbc65d247dc10bf2c15f11e3904f20abc9254f24be11c1 |
gnutls12_1.2.9-2ubuntu1.7.diff.gz | 541.7 KiB | d3845516df201b7845312512ea8f9d247b478c33afb2fd4995a2731c4eb980dd |
gnutls12_1.2.9-2ubuntu1.7.dsc | 826 bytes | c13a61d356d06505fbd8ce5704a9921b92fb6c5e1308ca9572e4367d767371c8 |
Available diffs
Binary packages built by this source
- gnutls-bin: No summary available for gnutls-bin in ubuntu dapper.
No description available for gnutls-bin in ubuntu dapper.
- libgnutls-dev: No summary available for libgnutls-dev in ubuntu dapper.
No description available for libgnutls-dev in ubuntu dapper.
- libgnutls12: No summary available for libgnutls12 in ubuntu dapper.
No description available for libgnutls12 in ubuntu dapper.
- libgnutls12-dbg: No summary available for libgnutls12-dbg in ubuntu dapper.
No description available for libgnutls12-dbg in ubuntu dapper.