[ubuntu/karmic] gnutls26 2.6.6-1ubuntu1 (Accepted)
Jamie Strandboge
jamie at ubuntu.com
Fri Aug 14 19:15:14 BST 2009
gnutls26 (2.6.6-1ubuntu1) karmic; urgency=low
* SECURITY UPDATE: fix improper handling of '\0' in Common Name (CN) and
Subject Alternative Name (SAN) in X.509 certificates (LP: #413136)
- debian/patches/16_CVE-2009-2730.diff: verify length of CN and SAN
are what we expect and error out if either contains an embedded \0
- CVE-2009-2730
Date: Fri, 14 Aug 2009 09:55:54 -0500
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/karmic/+source/gnutls26/2.6.6-1ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Fri, 14 Aug 2009 09:55:54 -0500
Source: gnutls26
Binary: libgnutls-dev libgnutls26 libgnutls26-dbg gnutls-bin gnutls-doc guile-gnutls
Architecture: source
Version: 2.6.6-1ubuntu1
Distribution: karmic
Urgency: low
Maintainer: Ubuntu Core Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Description:
gnutls-bin - the GNU TLS library - commandline utilities
gnutls-doc - the GNU TLS library - documentation and examples
guile-gnutls - the GNU TLS library - GNU Guile bindings
libgnutls-dev - the GNU TLS library - development files
libgnutls26 - the GNU TLS library - runtime library
libgnutls26-dbg - GNU TLS library - debugger symbols
Changes:
gnutls26 (2.6.6-1ubuntu1) karmic; urgency=low
.
* SECURITY UPDATE: fix improper handling of '\0' in Common Name (CN) and
Subject Alternative Name (SAN) in X.509 certificates (LP: #413136)
- debian/patches/16_CVE-2009-2730.diff: verify length of CN and SAN
are what we expect and error out if either contains an embedded \0
- CVE-2009-2730
Checksums-Sha1:
4549dfa5da21b5c31f02fee82b45f31ad4c0d316 1688 gnutls26_2.6.6-1ubuntu1.dsc
d69761e4bf8ca8e896c1b1c4b7f4df13d0495b5c 19017 gnutls26_2.6.6-1ubuntu1.diff.gz
Checksums-Sha256:
1fb8c277c8d20b1dfcc0d933c794422aa74c724cfb2e3348e2486af5998a4960 1688 gnutls26_2.6.6-1ubuntu1.dsc
a2949d8a733bec917d08d92c52956883a2de7af11d88ab0ad1a60d3a1a50c667 19017 gnutls26_2.6.6-1ubuntu1.diff.gz
Files:
877334456a3b53b16f22cbcf78ba41e1 1688 devel optional gnutls26_2.6.6-1ubuntu1.dsc
3ea57e6f14bb4cbd17b0d9230f831047 19017 devel optional gnutls26_2.6.6-1ubuntu1.diff.gz
Launchpad-Bugs-Fixed: 413136
Original-Maintainer: Debian GnuTLS Maintainers <pkg-gnutls-maint at lists.alioth.debian.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkqFnogACgkQW0JvuRdL8BrQZgCdF2Sl/G2GSiuTv6a+Rp9MeQw+
TcEAn2t9yhVCo9hXD6/2RCs8f5mVQixQ
=S6kH
-----END PGP SIGNATURE-----
More information about the Karmic-changes
mailing list