[ubuntu/lucid-security] gnutls26_2.8.5-2ubuntu0.1_armel_translations.tar.gz, gnutls26_2.8.5-2ubuntu0.1_sparc_translations.tar.gz, gnutls26_2.8.5-2ubuntu0.1_i386_translations.tar.gz, gnutls26_2.8.5-2ubuntu0.1_powerpc_translations.tar.gz, gnutls26, gnutls26_2.8.5-2ubuntu0.1_ia64_translations.tar.gz, gnutls26_2.8.5-2ubuntu0.1_amd64_translations.tar.gz 2.8.5-2ubuntu0.1 (Accepted)

Tyler Hicks tyhicks at canonical.com
Thu Apr 5 22:04:23 UTC 2012 

gnutls26 (2.8.5-2ubuntu0.1) lucid-security; urgency=low

  * SECURITY UPDATE: Denial of service in client application
    - debian/patches/CVE-2011-4128.patch: Fix buffer bounds check when copying
      session data. Based on upstream patch.
    - CVE-2011-4128
  * SECURITY UPDATE: Denial of service via crafted TLS record
    - debian/patches/CVE-2012-1573.patch: Validate the size of a
      GenericBlockCipher structure as it is processed. Based on upstream
      patch.
    - CVE-2012-1573

Date: Wed, 04 Apr 2012 11:13:02 -0500
Changed-By: Tyler Hicks <tyhicks at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/lucid/+source/gnutls26/2.8.5-2ubuntu0.1
-------------- next part --------------
Format: 1.8
Date: Wed, 04 Apr 2012 11:13:02 -0500
Source: gnutls26
Binary: libgnutls-dev libgnutls26 libgnutls26-dbg gnutls-bin gnutls-doc guile-gnutls
Architecture: source
Version: 2.8.5-2ubuntu0.1
Distribution: lucid-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Tyler Hicks <tyhicks at canonical.com>
Description: 
 gnutls-bin - the GNU TLS library - commandline utilities
 gnutls-doc - the GNU TLS library - documentation and examples
 guile-gnutls - the GNU TLS library - GNU Guile bindings
 libgnutls-dev - the GNU TLS library - development files
 libgnutls26 - the GNU TLS library - runtime library
 libgnutls26-dbg - GNU TLS library - debugger symbols
Changes: 
 gnutls26 (2.8.5-2ubuntu0.1) lucid-security; urgency=low
 .
   * SECURITY UPDATE: Denial of service in client application
     - debian/patches/CVE-2011-4128.patch: Fix buffer bounds check when copying
       session data. Based on upstream patch.
     - CVE-2011-4128
   * SECURITY UPDATE: Denial of service via crafted TLS record
     - debian/patches/CVE-2012-1573.patch: Validate the size of a
       GenericBlockCipher structure as it is processed. Based on upstream
       patch.
     - CVE-2012-1573
Checksums-Sha1: 
 419b0037a90413e5ceb2d677711de7dc6c8e450c 2372 gnutls26_2.8.5-2ubuntu0.1.dsc
 61eafc0c50cd781e2b8aa855a4cc9bd0c4015442 18863 gnutls26_2.8.5-2ubuntu0.1.debian.tar.gz
Checksums-Sha256: 
 6439c3da4ef41870bdb93a896f436742c88480c7d3a55b119011c29ee7d7a6f9 2372 gnutls26_2.8.5-2ubuntu0.1.dsc
 870b2cf16624ea7a5bb4e59b837bab26db142ca7f6eaf871810031381f1c298b 18863 gnutls26_2.8.5-2ubuntu0.1.debian.tar.gz
Files: 
 d02ac611ccf1785b0f2f4d5ca69c9d60 2372 libs optional gnutls26_2.8.5-2ubuntu0.1.dsc
 af70fe79461c11b1ba20bbfb4942b65c 18863 libs optional gnutls26_2.8.5-2ubuntu0.1.debian.tar.gz
Original-Maintainer: Debian GnuTLS Maintainers <pkg-gnutls-maint at lists.alioth.debian.org>

More information about the Lucid-changes mailing list