Accepted gnutls11 1.0.16-13ubuntu1 (source)
Martin Pitt
martin.pitt at ubuntu.com
Fri May 13 03:45:04 CDT 2005
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Fri, 13 May 2005 10:41:26 +0200
Source: gnutls11
Binary: libgnutls11 libgnutls11-dev gnutls-bin libgnutls11-dbg
Architecture: source
Version: 1.0.16-13ubuntu1
Distribution: breezy
Urgency: low
Maintainer: Matthias Urlichs <smurf at debian.org>
Changed-By: Martin Pitt <martin.pitt at ubuntu.com>
Description:
gnutls-bin - GNU TLS library - commandline utilities
libgnutls11 - GNU TLS library - runtime library
libgnutls11-dbg - GNU TLS library - debugger symbols
libgnutls11-dev - GNU TLS library - development files
Changes:
gnutls11 (1.0.16-13ubuntu1) breezy; urgency=low
.
* SECURITY UPDATE: Fix Denial of Service.
* lib/gnutls_cipher.c, _gnutls_ciphertext2compressed():
- "pad" is specified in the user-supplied ciphertext; before executing the
"Check the padding bytes" loop, check that the pad length is valid
before accessing the ciphertext array. Invalid pad lengths triggered an
out of bounds access which could crash the application.
- Patch taken from upstream CVS.
- CAN-2005-1431
Files:
d9f6a584d619c006af3b1be50f0704f2 810 devel optional gnutls11_1.0.16-13ubuntu1.dsc
b8d2248288663ee35ca855645856c451 337829 devel optional gnutls11_1.0.16-13ubuntu1.diff.gz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)
iD8DBQFChGhVDecnbV4Fd/IRAgL3AKC4YLTqWhP4u89WbQ3WaNMciZJJLQCcDzm6
LjLiQCwJQbZ2e1oFlkCh7NM=
=VUO9
-----END PGP SIGNATURE-----
Accepted:
gnutls11_1.0.16-13ubuntu1.diff.gz
to pool/main/g/gnutls11/gnutls11_1.0.16-13ubuntu1.diff.gz
gnutls11_1.0.16-13ubuntu1.dsc
to pool/main/g/gnutls11/gnutls11_1.0.16-13ubuntu1.dsc
More information about the breezy-changes
mailing list