-
gnutls28 (3.2.11-2ubuntu1.2) trusty; urgency=medium
* debian/patches/check_same_certificate_not_only_issuer.patch: when
verifying, check for the same certificate in the trusted list,
not only the issuer.
* debian/patches/compare_ca_name_and_key.patch: when comparing a CA
certificate with the trusted list, compare the name and key.
(LP: #1722411)
-- Anders Kaseorg <email address hidden> Wed, 17 Jan 2018 16:23:47 -0500
-
gnutls28 (3.2.11-2ubuntu1.1) trusty-security; urgency=medium
[ Gianfranco Costamagna ]
* SECURITY UPDATE: Denial of service and possible remote arbitrary code
execution via crafted ServerHello message
- debian/patches/21_CVE-2014-3466.patch: Add upper bounds check for
session id size. Based on upstream patch. (LP: #1326779)
[ Tyler Hicks ]
* debian/patches/21_CVE-2014-3466.patch: Fold in the test for
CVE-2014-3466's fix. Based on upstream patch.
-- Tyler Hicks <email address hidden> Thu, 11 Jun 2015 10:42:35 -0500
-
gnutls28 (3.2.11-2ubuntu1) trusty; urgency=medium
* Resynchronise with Debian. Remaining changes:
- Drop gnutls-bin and -doc since we want to use the versions in gnutls26
as the defaults instead.
* Add arm64 and ppc64el to the list of non-ia64 architectures on which
guile-gnutls is built.
gnutls28 (3.2.11-2) unstable; urgency=high
* Bump version of Build-Depends on libp11-kit-dev, as required by 3.2.11.
* 20_CVE-2014-0092.diff by Nikos Mavrogiannopoulos: Fix certificate
validation issue. CVE-2014-0092
gnutls28 (3.2.11-1) unstable; urgency=high
* New upstream version. (Closes CVE-2014-1959 / GNUTLS-SA-2014-1)
* Pull 20_bug-in-gnutls_pcert_list_import_x509_raw.patch from upstream git.
gnutls28 (3.2.10-2) unstable; urgency=high
* Upload to unstable.
gnutls28 (3.2.10-1) experimental; urgency=high
* New upstream version.
* New symbols exported, bump shlibs.
gnutls28 (3.2.9-2) unstable; urgency=medium
* Upload to unstable.
gnutls28 (3.2.9-1) experimental; urgency=medium
* New upstream version.
+ %COMPAT implies %DUMBFW. (See #733039)
* Drop 40_guilenoparallel.diff, which did not have any effect after enabling
dh_autoreconf.
* Stop dh_clean from removing *.bak, upstream tarball actually contains
files named such in src/ subdirectory.
gnutls28 (3.2.8.1-3) unstable; urgency=medium
* Correct c'n'p error in Vcs-Git field.
* Update debian/copyright from upstream's README. (Thanks, Kurt Roeckx)
gnutls28 (3.2.8.1-2) unstable; urgency=low
* Upload to unstable, without libgnutls-openssl27.
gnutls28 (3.2.8.1-1) experimental; urgency=low
* New upstream version.
+ Drop debian/patches/45_add_strerror-module.patch, which was pulled from
upstream.
+ Bump shlibs.
* Add debian/upstream-signing-key.pgp (listed in
debian/source/include-binaries) and update watchfile to check
upstream signature.
gnutls28 (3.2.7-4) experimental; urgency=low
* Upload to experimental, with libgnutls-openssl27.
* Version libgnutls-openssl27 shlibs. (Mainly to identify rebuilt packages.)
gnutls28 (3.2.7-3) unstable; urgency=low
* Point vcs* to git.
* Upload to unstable, without libgnutls-openssl27.
gnutls28 (3.2.7-2) experimental; urgency=low
* Fix kfreebsd FTBFS.
+ 45_add_strerror-module.patch add gnulib strerror module.
+ Use dh_autoreconf.
gnutls28 (3.2.7-1) experimental; urgency=low
* New upstream version.
+ Add b-d on bison.
+ Bump shlibs.
+ Drop 30_forcesystemlibopts.diff 50_Ignore-SIGPIPE.patch.
+ Simplify debian/rules, stop removing autogened files.
gnutls28 (3.2.6-2) experimental; urgency=low
* Print out test-suite.log on test-suite-error. (Thanks, Steven Chamberlain
for the hint.)
* 50_Ignore-SIGPIPE.patch - fix spurious FTBFS due to race condition.
gnutls28 (3.2.6-1) experimental; urgency=low
* New upstream version.
+ Bump shlibs.
gnutls28 (3.2.5-1) experimental; urgency=low
* New upstream version.
+ Bump shlibs.
* Ship examples/examples.h which is needed for building examples/*.c. Also
add ex-cxx.cpp, while we are at it. (Thanks, Daniel Kahn Gillmor)
Closes: #726971
gnutls28 (3.2.4-5) experimental; urgency=low
* Re-enable building of libgnutls-openssl27 binary package.
* Let libgnutls-dev provide libgnutls-openssl-dev to prepare a seamless
transition to gnutls28.
gnutls28 (3.2.4-4) unstable; urgency=low
* 40_guilenoparallel.diff: Disable parallel build in
guile/modules/.
gnutls28 (3.2.4-3) unstable; urgency=low
* Looks like "Architecture" in debian/control cannot be folded, unfold the
respective entry for guile-gnutls.
gnutls28 (3.2.4-2) unstable; urgency=low
* Manpages were missing on binary-only builds. Closes: #721725
* Build with
--with-default-trust-store-file=/etc/ssl/certs/ca-certificates.crt since
ca-certificates not pulled in by build-dependencies anymore.
Closes: #721726
* Upload to unstable.
gnutls28 (3.2.4-1) experimental; urgency=low
* New upstream release.
+ Drop 40_Clean-up-after-test.patch.
* Fix path to png files in info files with sed instead of symlinking images.
* Bump shlibs.
gnutls28 (3.2.3-3) experimental; urgency=low
* Switch to dh, to easily allow us to move gtk-doc-tools to
Build-Depends-Indep. Closes: #682596
gnutls28 (3.2.3-2) experimental; urgency=low
* Build gnutls-guile against guile-2.0.
+ Drop --disable-largefile on armel armhf mipsel.
+ ia64 does not build guile-2.0, disable guile-support there.
-- Colin Watson <email address hidden> Wed, 05 Mar 2014 10:31:28 +0000
-
gnutls28 (3.2.3-1ubuntu2) trusty; urgency=medium
* Fix detection of floating point endianness.
* Use dh-autoreconf to update libtool.m4 for new ports.
-- Colin Watson <email address hidden> Wed, 05 Feb 2014 05:17:52 +0000
-
gnutls28 (3.2.3-1ubuntu1) saucy; urgency=low
* Sync with Debian (LP: #1068029). Remaining change:
- Drop gnutls-bin and -doc since we want to use the versions
in gnutls26 as the defaults instead
gnutls28 (3.2.3-1) unstable; urgency=low
* New upstream release.
* Drop superfluous patches. (35_gnutls-priority-string.diff
36_avoid-leaking-a-buffer-element.diff)
* Bump shlibs.
gnutls28 (3.2.2-2) unstable; urgency=low
* Pull two patches from upstream:
+35_gnutls-priority-string.diff Fix priority string parsing broken in
3.2.2 Closes: #717314
+36_avoid-leaking-a-buffer-element.diff
gnutls28 (3.2.2-1) unstable; urgency=low
* Mark libgnutls28-dev Multi-Arch: same. (Thanks, Nicolas Le Cam)
Closes: #678070
* New upstream version.
* Drop superfluous patches. 31_testsuite32bit.diff 32_linkagainstgmp.diff
* Bump shlibs.
gnutls28 (3.2.1-2) unstable; urgency=low
* Upload to unstable.
* Do not link everything against nettle on mips(el), the issue being worked
around was fixed by the latest eglibc upload.
* Use debhelper v9 mode. This allows us to mark libgnutls28-dbg Multi-Arch:
same.
gnutls28 (3.2.1-1) experimental; urgency=low
* New upstream version.
+ Bump nettle build-dep to >= 2.7.
+ Bump shlibs.
+ Disable 20_test-select.diff instead of ufuzzing the patch. - Let's check
whether it still fails on kfreebsd-i386.
+ [31_testsuite32bit.diff] Avoid comparing the expiration date to prevent
false positive error in 32-bit systems.
+ [32_linkagainstgmp.diff] Link libgnutls against gmp.
gnutls28 (3.1.12-2) unstable; urgency=low
* Upload to unstable.
* Fix vcs-field-not-canonical lintian error by using anonscm instead of
svn.debian.org.
gnutls28 (3.1.12-1) experimental; urgency=low
* Use rm -f on clean, fixing an issue with building twice in row.
* New upstream version.
* On mips/mipsel link everything and the kitchen-sink against nettle to work
around toolchain breakage ("crt1.o: undefined reference to symbol '_gp'").
gnutls28 (3.1.11-1) experimental; urgency=low
* New upstream version.
+ Bump shlibs.
gnutls28 (3.1.10-1) experimental; urgency=low
* New upstream version.
* Bump shlibs.
gnutls28 (3.1.9.1-1) experimental; urgency=low
* New upstream version.
* Bump shlibs.
* Force re-generation of autogen-ed manpages.
gnutls28 (3.1.8-1) experimental; urgency=low
* New upstream version.
gnutls28 (3.1.7-1) experimental; urgency=low
* Let libgnutls28 depend on libtasn1-6 instead of on libtasn1-3, matching
the build-depency. (Thanks, Daniel Kahn Gillmor)
* New upstream version.
+ Includes a fix for GNUTLS-SA-2013-1 TLS CBC padding timing attack.
CVE-2013-0169 CVE-2013-1619.
+ New symbols added, bump shlibs.
+ Ship newly available libgnutls-xssl0 library in a separate package.
* Disable Heart Beat (RFC6520) support.
gnutls28 (3.1.6-1) experimental; urgency=low
* Update watchfile, based on Bart Martens version for gnutls26 on
q.d.o, but use a) ftp.gnutls.org as mirror and b) limit the the match to
3.x versions.
* New upstream version.
+ requires libtasn1 >= 3.1, bump build-depends.
+ requires a a newer version of autogen, bump build-depends.
+ update debian/copyright to reflect the fact that GnuTLS authors have
stopped assigning copyright to FSF.
gnutls28 (3.1.5-1) experimental; urgency=low
* New upstream version.
+ Drop 40_danetestfail.diff
+ Unfuzz 20_test-select.diff
+ Bump shlibs.
gnutls28 (3.1.4-1) experimental; urgency=low
* New upstream release.
+ Drop 40_fixtypo.diff.
+ debian/copyright: update upstream author list.
+ New symbols added, bump shlibs.
* 40_danetestfail.diff - Do not try to run dane test without dane support.
gnutls28 (3.1.3-1) experimental; urgency=low
* New upstream release.
* Explicitly set --disable-libdane --without-tpm.
* Bump shlibs.
* 40_fixtypo.diff pulled from upstream git.
* Update debian/copyright from AUTHORS.
gnutls28 (3.1.2-1) experimental; urgency=low
* New upstream release.
+ Requires libtasn1-3 2.14, bump (b-)d.
+ New symbols added, bump shlibs.
gnutls28 (3.1.1-1) experimental; urgency=low
* New upstream release.
+ Includes patch by Bernhard R. Link for gnutls-serv listening on ipv6.
Closes: #686242
+ Drop superfluous patches. (40_debugtestsuite 41_use-errno.diff
42_dump-the-errno.diff 43_possiblefix.diff)
+ Bump shlibs.
* Sync version of libgnutls-dev dependency on nettle-dev with the
build-dependency.
gnutls28 (3.1.0-5) experimental; urgency=low
* 43_possiblefix.diff might fix the test suite error.
gnutls28 (3.1.0-4) experimental; urgency=low
* 41_use-errno.diff 42_dump-the-errno.diff: Get more info for debugging the
testsuite error.
gnutls28 (3.1.0-3) experimental; urgency=low
* [40_debugtestsuite] Debug the correct test, mini-handshake-timeout.
gnutls28 (3.1.0-2) experimental; urgency=low
* Mention abbreviation "DTLS" in package description.
* [40_debugtestsuite] Enable verbose execution of mini-emsgsize-dtls test,
it spuriously fails on about half of the buildds.
gnutls28 (3.1.0-1) experimental; urgency=low
* New upstream release.
+ Bump nettle build-dep to >= 2.5.
+ Bump shlibs.
-- Jeremy Bicha <email address hidden> Tue, 30 Jul 2013 21:40:07 -0400
