[ubuntu/natty-security] gnutls26_2.8.6-1ubuntu2.1_armel_translations.tar.gz, gnutls26_2.8.6-1ubuntu2.1_i386_translations.tar.gz, gnutls26, gnutls26_2.8.6-1ubuntu2.1_amd64_translations.tar.gz, gnutls26_2.8.6-1ubuntu2.1_powerpc_translations.tar.gz 2.8.6-1ubuntu2.1 (Accepted)
Tyler Hicks
tyhicks at canonical.com
Thu Apr 5 22:03:44 UTC 2012
gnutls26 (2.8.6-1ubuntu2.1) natty-security; urgency=low
* SECURITY UPDATE: Denial of service in client application
- debian/patches/CVE-2011-4128.patch: Fix buffer bounds check when copying
session data. Based on upstream patch.
- CVE-2011-4128
* SECURITY UPDATE: Denial of service via crafted TLS record
- debian/patches/CVE-2012-1573.patch: Validate the size of a
GenericBlockCipher structure as it is processed. Based on upstream
patch.
- CVE-2012-1573
Date: Wed, 04 Apr 2012 11:13:02 -0500
Changed-By: Tyler Hicks <tyhicks at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/natty/+source/gnutls26/2.8.6-1ubuntu2.1
-------------- next part --------------
Format: 1.8
Date: Wed, 04 Apr 2012 11:13:02 -0500
Source: gnutls26
Binary: libgnutls-dev libgnutls26 libgnutls26-dbg gnutls-bin gnutls-doc guile-gnutls
Architecture: source
Version: 2.8.6-1ubuntu2.1
Distribution: natty-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Tyler Hicks <tyhicks at canonical.com>
Description:
gnutls-bin - the GNU TLS library - commandline utilities
gnutls-doc - the GNU TLS library - documentation and examples
guile-gnutls - the GNU TLS library - GNU Guile bindings
libgnutls-dev - the GNU TLS library - development files
libgnutls26 - the GNU TLS library - runtime library
libgnutls26-dbg - GNU TLS library - debugger symbols
Changes:
gnutls26 (2.8.6-1ubuntu2.1) natty-security; urgency=low
.
* SECURITY UPDATE: Denial of service in client application
- debian/patches/CVE-2011-4128.patch: Fix buffer bounds check when copying
session data. Based on upstream patch.
- CVE-2011-4128
* SECURITY UPDATE: Denial of service via crafted TLS record
- debian/patches/CVE-2012-1573.patch: Validate the size of a
GenericBlockCipher structure as it is processed. Based on upstream
patch.
- CVE-2012-1573
Checksums-Sha1:
892cd95c7fe63f6c7ebe6eea8f398179a3041362 2398 gnutls26_2.8.6-1ubuntu2.1.dsc
a99adccab65cad86cafeb081e165f64bf6109a57 20949 gnutls26_2.8.6-1ubuntu2.1.debian.tar.gz
Checksums-Sha256:
22afc1963fa02542724c0a018fbec8f8f1dab4dbbfbb8b75912a3b42de592965 2398 gnutls26_2.8.6-1ubuntu2.1.dsc
fcef39271587c375e9bd51052f32e5b18fb077cf283ad8b1ed98d49543b957ab 20949 gnutls26_2.8.6-1ubuntu2.1.debian.tar.gz
Files:
caacf601bc911c6c71628d8995657188 2398 libs optional gnutls26_2.8.6-1ubuntu2.1.dsc
79af2282c7803c375098e528516ae7e3 20949 libs optional gnutls26_2.8.6-1ubuntu2.1.debian.tar.gz
Original-Maintainer: Debian GnuTLS Maintainers <pkg-gnutls-maint at lists.alioth.debian.org>
More information about the Natty-changes
mailing list