Accepted gnutls12 1.2.11-2ubuntu1 (source)
Martin Pitt
martin.pitt at ubuntu.com
Mon Sep 18 13:55:11 BST 2006
Accepted:
OK: gnutls12_1.2.11-2ubuntu1.dsc
-> Component: universe Section: devel
OK: gnutls12_1.2.11-2ubuntu1.diff.gz
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Mon, 18 Sep 2006 14:40:03 +0200
Source: gnutls12
Binary: libgnutls12-dbg libgnutls12
Architecture: source
Version: 1.2.11-2ubuntu1
Distribution: edgy
Urgency: low
Maintainer: Debian GnuTLS Maintainers <pkg-gnutls-maint at lists.alioth.debian.org>
Changed-By: Martin Pitt <martin.pitt at ubuntu.com>
Description:
libgnutls12 - the GNU TLS library - runtime library
libgnutls12-dbg - GNU TLS library - debugger symbols
Changes:
gnutls12 (1.2.11-2ubuntu1) edgy; urgency=low
.
* SECURITY UPDATE: Signature forgery.
* Add debian/patches/00CVS_CVE-2006-4790.patch:
- Check excessive data in padding of PKCS #1 v1.5 signatures to prevent
applications from incorrectly verifying the certificate. (Similar to
recent OpenSSL update.)
- Patch taken from upstream CVS:
http://lists.gnupg.org/pipermail/gnutls-dev/2006-September/001212.html
- CVE-2006-4790
Files:
4f4a62d4297791fc05bebcc33ffcf3a1 937 devel optional gnutls12_1.2.11-2ubuntu1.dsc
8417ddc48d54d8bdfbaae9ac1b61cdcc 7098 devel optional gnutls12_1.2.11-2ubuntu1.diff.gz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
iD8DBQFFDpP3DecnbV4Fd/IRAsn7AJ0WDp+LqJptTPhqr9l31iOSXLujIgCgpkQd
Y5BHVrAxzlcVY8zoww2pjjY=
=1oYx
-----END PGP SIGNATURE-----
application finalize called
More information about the edgy-changes
mailing list