[ubuntu/maverick-security] gnutls26_2.8.6-1ubuntu0.1_powerpc_translations.tar.gz, gnutls26_2.8.6-1ubuntu0.1_armel_translations.tar.gz, gnutls26, gnutls26_2.8.6-1ubuntu0.1_i386_translations.tar.gz, gnutls26_2.8.6-1ubuntu0.1_amd64_translations.tar.gz 2.8.6-1ubuntu0.1 (Accepted)

Tyler Hicks tyhicks at canonical.com
Thu Apr 5 22:03:57 UTC 2012


gnutls26 (2.8.6-1ubuntu0.1) maverick-security; urgency=low

  * SECURITY UPDATE: Denial of service in client application
    - debian/patches/CVE-2011-4128.patch: Fix buffer bounds check when copying
      session data. Based on upstream patch.
    - CVE-2011-4128
  * SECURITY UPDATE: Denial of service via crafted TLS record
    - debian/patches/CVE-2012-1573.patch: Validate the size of a
      GenericBlockCipher structure as it is processed. Based on upstream
      patch.
    - CVE-2012-1573

Date: Wed, 04 Apr 2012 11:13:02 -0500
Changed-By: Tyler Hicks <tyhicks at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/maverick/+source/gnutls26/2.8.6-1ubuntu0.1
-------------- next part --------------
Format: 1.8
Date: Wed, 04 Apr 2012 11:13:02 -0500
Source: gnutls26
Binary: libgnutls-dev libgnutls26 libgnutls26-dbg gnutls-bin gnutls-doc guile-gnutls
Architecture: source
Version: 2.8.6-1ubuntu0.1
Distribution: maverick-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Tyler Hicks <tyhicks at canonical.com>
Description: 
 gnutls-bin - the GNU TLS library - commandline utilities
 gnutls-doc - the GNU TLS library - documentation and examples
 guile-gnutls - the GNU TLS library - GNU Guile bindings
 libgnutls-dev - the GNU TLS library - development files
 libgnutls26 - the GNU TLS library - runtime library
 libgnutls26-dbg - GNU TLS library - debugger symbols
Changes: 
 gnutls26 (2.8.6-1ubuntu0.1) maverick-security; urgency=low
 .
   * SECURITY UPDATE: Denial of service in client application
     - debian/patches/CVE-2011-4128.patch: Fix buffer bounds check when copying
       session data. Based on upstream patch.
     - CVE-2011-4128
   * SECURITY UPDATE: Denial of service via crafted TLS record
     - debian/patches/CVE-2012-1573.patch: Validate the size of a
       GenericBlockCipher structure as it is processed. Based on upstream
       patch.
     - CVE-2012-1573
Checksums-Sha1: 
 64645dd60646ecdf4406f92fced0c4f36403f77b 2372 gnutls26_2.8.6-1ubuntu0.1.dsc
 758a4b836675c5ceaf239d3762016a30979931d4 20128 gnutls26_2.8.6-1ubuntu0.1.debian.tar.gz
Checksums-Sha256: 
 3d9021c766cbbb3c173c5b8572732af47e70320386ec8477a96455c11cf8eb39 2372 gnutls26_2.8.6-1ubuntu0.1.dsc
 f3193759717c2409be2036e4fb74b3609a7bba2e414d216ba949bf6dd7eafd46 20128 gnutls26_2.8.6-1ubuntu0.1.debian.tar.gz
Files: 
 5bfcf7ba20ba61b8e2c32ceea9ef3e8a 2372 libs optional gnutls26_2.8.6-1ubuntu0.1.dsc
 eb55315a3a6eb5f42bfe0dbe7d1f9301 20128 libs optional gnutls26_2.8.6-1ubuntu0.1.debian.tar.gz
Original-Maintainer: Debian GnuTLS Maintainers <pkg-gnutls-maint at lists.alioth.debian.org>


More information about the Maverick-changes mailing list