-
glib-networking (2.64.2-1ubuntu0.1) focal-security; urgency=medium
* SECURITY UPDATE: Failure to validate TLS certificate hostname in
certain conditions, contrary to documented behaviour
- debian/patches/CVE-2020-13645.patch: Fail certificate verification
when the server identity is missing. Based on upstream patch.
- CVE-2020-13645
-- Alex Murray <email address hidden> Tue, 23 Jun 2020 16:15:45 +0930
-
glib-networking (2.64.2-1build1) focal; urgency=medium
* New upstream release, reenable TLS 1.0/1.1 protocols due to COVID-19
Upload to Ubuntu as build1 revision to include a bug reference
(lp: #1873777)
-- Sebastien Bacher <email address hidden> Mon, 20 Apr 2020 12:17:36 +0200
-
glib-networking (2.64.1-1) unstable; urgency=medium
* New upstream release
-- Jeremy Bicha <email address hidden> Sat, 28 Mar 2020 22:40:47 -0400
-
glib-networking (2.64.0-1) unstable; urgency=medium
* Team upload
* New upstream stable release
* Upload to unstable
- In particular, this removes a test that asserts we are able to
work around servers' protocol intolerance by falling back to older
TLS versions. That feature enables downgrade attacks, and was
removed in GLib 2.63.2 and glib-networking 2.63.2, causing the
test to fail in older glib-networking versions. (Closes: #953766)
* Switch packaging branch back to debian/master for unstable
* d/watch: Only look for stable releases again
* Standards-Version: 4.5.0 (no changes required)
* d/copyright: Remove PKCS11 stuff.
Its addition was reverted in 2.63.90.
-- Simon McVittie <email address hidden> Fri, 13 Mar 2020 09:51:06 +0000
-
glib-networking (2.63.91-1ubuntu1) focal; urgency=medium
* debian/patches/revert_buggy_change.patch:
- upstream recommended reverting this commit that created issues for
libsoup tests until they properly fix the issue in the next tarball
-- Sebastien Bacher <email address hidden> Mon, 24 Feb 2020 21:34:57 +0100
-
glib-networking (2.63.91-1) experimental; urgency=medium
* New upstream release
- Fix peer-certificate properties changing too soon
- GnuTLS backend: reduce session resumption cache lifetime
- GnuTLS backend: restore TLS 1.2 support for copy session state
* control: Bump GLib BD to 2.63.0 per upstream
-- Iain Lane <email address hidden> Mon, 17 Feb 2020 18:31:34 +0000
-
glib-networking (2.63.90-1ubuntu1) focal; urgency=medium
* debian/patches/revert_debugging_hanging.patch:
try reverting a commit that seems to make gvfs-dav tests hang,
the change will be uploaded to Debian once acked by upstream
-- Sebastien Bacher <email address hidden> Wed, 05 Feb 2020 17:05:27 +0100
-
glib-networking (2.63.3-0build1) focal; urgency=medium
[ Simon McVittie ]
* New upstream release
- d/p/Disable-PKCS-11-client-authentication-test.patch,
d/p/tls-tests-Fix-to-work-as-installed-tests.patch:
Drop, applied upstream
* Merge packaging changes from unstable
* d/copyright: Further updates
-- Sebastien Bacher <email address hidden> Tue, 28 Jan 2020 11:10:27 +0100
-
glib-networking (2.63.2-1) experimental; urgency=medium
* New upstream release
- Add support for new PKCS#11 APIs to facilitate use with smartcards
- Build mock PKCS #11 module only for GnuTLS backend
- Disable TLS 1.0 and TLS 1.1 when using GnuTLS
- Drop rehandshake mode and protocol version fallback support
- Fix crash when handshake context is reset too late
- Fix leak in GTlsCertificateGnutls finalizer
- Fix PKCS #11 tests with TLS 1.2
- Require GnuTLS 3.6.5
- Rework session resumption support for TLS 1.3
- Run GnuTLS tests under TLS 1.2 in addition to TLS 1.3
- Support OpenSSL 1.0.1
* control: Bump gnutls BD to 3.6.5 per meson.build
* d/p/Disable-PKCS-11-client-authentication-test.patch: Cherry pick. Follow
upstream in disabling a flaky test
* d/p/tls-tests-Fix-to-work-as-installed-tests.patch: Fix installed tests. A
required module wasn't being installed, and the tests weren't written to
find the files in the correct locations when run installed..
-- Iain Lane <email address hidden> Fri, 20 Dec 2019 12:29:00 +0000
-
glib-networking (2.62.1-1) unstable; urgency=medium
* New upstream release
* Drop obsolete dh_strip dbgsym migration rule
-- Jeremy Bicha <email address hidden> Sat, 05 Oct 2019 20:35:56 -0400
