-
gnutls26 (2.12.23-1ubuntu1.1) raring-security; urgency=low
* SECURITY UPDATE: denial of service via incorrect pad
- debian/patches/CVE-2013-2116.patch: added sanity check in
lib/gnutls_cipher.c.
- CVE-2013-2116
-- Marc Deslauriers <email address hidden> Mon, 27 May 2013 08:39:49 -0400
-
gnutls26 (2.12.23-1ubuntu1) raring; urgency=low
* Merge from debian-experimental, remaining changes:
- Build gnutls-bin from this source package rather than from gnutls28:
gnutls28's licensing is currently too strict for many of the free
software packages built against it in Ubuntu main and we only want to
support a single version. Bump its version to achieve this.
* Drop gnulib-gets.diff: upstream.
gnutls26 (2.12.23-1) experimental; urgency=low
* New upstream version.
+ Includes fix for lucky thirteen TLS CBC padding timing
attack. CVE-2013-0169 CVE-2013-1619 GNUTLS-SA-2013-1
gnutls26 (2.12.22-1) experimental; urgency=low
* Update watchfile, based on Bart Martens version from q.d.o, but use a)
ftp.gnutls.org as mirror and b) limit the the match to 2.x versions.
* New upstream version.
+ Drop 30_strlen_on_null.diff.
gnutls26 (2.12.21-4) experimental; urgency=low
* 30_strlen_on_null.diff: Pulled from upstream git. Fix segfault caused
by running strlen() on NULL. Closes: #647747
gnutls26 (2.12.21-3) experimental; urgency=low
* Build with -sa.
gnutls26 (2.12.21-2) experimental; urgency=low
* Fix documentation packaging. gnutls-doc is built from the GnuTLS 3.x
packages. Add a new gnutls26-doc package which drops manpages and info
format documentation in favour of being is co-installable with
gnutls-doc.
gnutls26 (2.12.21-1) experimental; urgency=low
* New upstream release.
+ Works with libtasn1 3.0, requires at least libtasn1 2.14. Bump b-d.
-- Timo Aaltonen <email address hidden> Thu, 07 Mar 2013 12:47:58 +0200
-
gnutls26 (2.12.20-2ubuntu1) raring; urgency=low
* Resynchronise with Debian. Remaining changes:
- Build gnutls-bin from this source package rather than from gnutls28:
gnutls28's licensing is currently too strict for many of the free
software packages built against it in Ubuntu main and we only want to
support a single version. Bump its version to achieve this.
* Avoid assuming that gets is declared.
gnutls26 (2.12.20-2) unstable; urgency=low
* 30_strlen_on_null.diff: Fix segfault caused by running strlen() on NULL.
Closes: #647747
* Fix documentation packaging. gnutls-doc is built from the GnuTLS 3.x
packages. Add a new gnutls26-doc package which drops manpages and info
format documentation in favour of being co-installable with
gnutls-doc.
gnutls26 (2.12.20-1) unstable; urgency=low
* New upstream release.
* Drop 25_nssldapsfix.diff (already included).
gnutls26 (2.12.19-2) unstable; urgency=low
* Pull debian/patches/25_nssldapsfix.diff from upstream git.
(LP: #1003841)
gnutls26 (2.12.19-1) unstable; urgency=low
* New upstream release.
gnutls26 (2.12.18-1) unstable; urgency=low
* New upstream release.
gnutls26 (2.12.17-2) unstable; urgency=low
* Upload to unstable.
gnutls26 (2.12.17-1) experimental; urgency=low
* New upstream release.
+ Unfuzz 20_tests-select.diff.
+ Bump libp11-kit-dev build-dep.
+ Bump shlibs.
+ Includes fix for CVE-2012-1573.
gnutls26 (2.12.16-1) unstable; urgency=low
* New upstream release.
-- Colin Watson <email address hidden> Thu, 06 Dec 2012 18:29:32 +0000
-
gnutls26 (2.12.14-5ubuntu4) quantal; urgency=low
* Apply upstream patch to fix validation of certificates when more than
one with the same short hash exists in the CA bundle (LP: #1003841).
-- Thorsten Glaser <email address hidden> Thu, 24 May 2012 11:19:12 +0200