[ubuntu/hardy-security] gnutls13_2.0.4-1ubuntu2.7_amd64_translations.tar.gz, gnutls13_2.0.4-1ubuntu2.7_ia64_translations.tar.gz, gnutls13_2.0.4-1ubuntu2.7_i386_translations.tar.gz, gnutls13_2.0.4-1ubuntu2.7_powerpc_translations.tar.gz, gnutls13_2.0.4-1ubuntu2.7_sparc_translations.tar.gz, gnutls13_2.0.4-1ubuntu2.7_hppa_translations.tar.gz, gnutls13_2.0.4-1ubuntu2.7_lpia_translations.tar.gz, gnutls13 2.0.4-1ubuntu2.7 (Accepted)

Tyler Hicks tyhicks at canonical.com
Thu Apr 5 22:04:41 UTC 2012 

gnutls13 (2.0.4-1ubuntu2.7) hardy-security; urgency=low

  * SECURITY UPDATE: Denial of service in client application
    - debian/patches/CVE-2011-4128.patch: Fix buffer bounds check when copying
      session data. Based on upstream patch.
    - CVE-2011-4128
  * SECURITY UPDATE: Denial of service via crafted TLS record
    - debian/patches/CVE-2012-1573.patch: Validate the size of a
      GenericBlockCipher structure as it is processed. Based on upstream
      patch.
    - CVE-2012-1573

Date: Wed, 04 Apr 2012 11:13:02 -0500
Changed-By: Tyler Hicks <tyhicks at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/hardy/+source/gnutls13/2.0.4-1ubuntu2.7
-------------- next part --------------
Format: 1.7
Date: Wed, 04 Apr 2012 11:13:02 -0500
Source: gnutls13
Binary: libgnutls-dev libgnutls13 libgnutls13-dbg gnutls-bin gnutls-doc libgnutlsxx13
Architecture: source
Version: 2.0.4-1ubuntu2.7
Distribution: hardy-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Tyler Hicks <tyhicks at canonical.com>
Description: 
 gnutls-bin - the GNU TLS library - commandline utilities
 gnutls-doc - the GNU TLS library - documentation and examples
 libgnutls-dev - the GNU TLS library - development files
 libgnutls13 - the GNU TLS library - runtime library
 libgnutls13-dbg - GNU TLS library - debugger symbols
 libgnutlsxx13 - the GNU TLS library - C++ runtime library
Changes: 
 gnutls13 (2.0.4-1ubuntu2.7) hardy-security; urgency=low
 .
   * SECURITY UPDATE: Denial of service in client application
     - debian/patches/CVE-2011-4128.patch: Fix buffer bounds check when copying
       session data. Based on upstream patch.
     - CVE-2011-4128
   * SECURITY UPDATE: Denial of service via crafted TLS record
     - debian/patches/CVE-2012-1573.patch: Validate the size of a
       GenericBlockCipher structure as it is processed. Based on upstream
       patch.
     - CVE-2012-1573
Files: 
 e2c0e5d5211dde52543b079871caa0ff 1718 devel optional gnutls13_2.0.4-1ubuntu2.7.dsc
 6da4544c6bdac92b0f40d12ada700a97 32311 devel optional gnutls13_2.0.4-1ubuntu2.7.diff.gz
Original-Maintainer: Debian GnuTLS Maintainers <pkg-gnutls-maint at lists.alioth.debian.org>

More information about the Hardy-changes mailing list