[ubuntu/natty-security] gnutls26_2.8.6-1ubuntu2.1_armel_translations.tar.gz, gnutls26_2.8.6-1ubuntu2.1_i386_translations.tar.gz, gnutls26, gnutls26_2.8.6-1ubuntu2.1_amd64_translations.tar.gz, gnutls26_2.8.6-1ubuntu2.1_powerpc_translations.tar.gz 2.8.6-1ubuntu2.1 (Accepted)

Tyler Hicks tyhicks at canonical.com
Thu Apr 5 22:03:44 UTC 2012


gnutls26 (2.8.6-1ubuntu2.1) natty-security; urgency=low

  * SECURITY UPDATE: Denial of service in client application
    - debian/patches/CVE-2011-4128.patch: Fix buffer bounds check when copying
      session data. Based on upstream patch.
    - CVE-2011-4128
  * SECURITY UPDATE: Denial of service via crafted TLS record
    - debian/patches/CVE-2012-1573.patch: Validate the size of a
      GenericBlockCipher structure as it is processed. Based on upstream
      patch.
    - CVE-2012-1573

Date: Wed, 04 Apr 2012 11:13:02 -0500
Changed-By: Tyler Hicks <tyhicks at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/natty/+source/gnutls26/2.8.6-1ubuntu2.1
-------------- next part --------------
Format: 1.8
Date: Wed, 04 Apr 2012 11:13:02 -0500
Source: gnutls26
Binary: libgnutls-dev libgnutls26 libgnutls26-dbg gnutls-bin gnutls-doc guile-gnutls
Architecture: source
Version: 2.8.6-1ubuntu2.1
Distribution: natty-security
Urgency: low
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Tyler Hicks <tyhicks at canonical.com>
Description: 
 gnutls-bin - the GNU TLS library - commandline utilities
 gnutls-doc - the GNU TLS library - documentation and examples
 guile-gnutls - the GNU TLS library - GNU Guile bindings
 libgnutls-dev - the GNU TLS library - development files
 libgnutls26 - the GNU TLS library - runtime library
 libgnutls26-dbg - GNU TLS library - debugger symbols
Changes: 
 gnutls26 (2.8.6-1ubuntu2.1) natty-security; urgency=low
 .
   * SECURITY UPDATE: Denial of service in client application
     - debian/patches/CVE-2011-4128.patch: Fix buffer bounds check when copying
       session data. Based on upstream patch.
     - CVE-2011-4128
   * SECURITY UPDATE: Denial of service via crafted TLS record
     - debian/patches/CVE-2012-1573.patch: Validate the size of a
       GenericBlockCipher structure as it is processed. Based on upstream
       patch.
     - CVE-2012-1573
Checksums-Sha1: 
 892cd95c7fe63f6c7ebe6eea8f398179a3041362 2398 gnutls26_2.8.6-1ubuntu2.1.dsc
 a99adccab65cad86cafeb081e165f64bf6109a57 20949 gnutls26_2.8.6-1ubuntu2.1.debian.tar.gz
Checksums-Sha256: 
 22afc1963fa02542724c0a018fbec8f8f1dab4dbbfbb8b75912a3b42de592965 2398 gnutls26_2.8.6-1ubuntu2.1.dsc
 fcef39271587c375e9bd51052f32e5b18fb077cf283ad8b1ed98d49543b957ab 20949 gnutls26_2.8.6-1ubuntu2.1.debian.tar.gz
Files: 
 caacf601bc911c6c71628d8995657188 2398 libs optional gnutls26_2.8.6-1ubuntu2.1.dsc
 79af2282c7803c375098e528516ae7e3 20949 libs optional gnutls26_2.8.6-1ubuntu2.1.debian.tar.gz
Original-Maintainer: Debian GnuTLS Maintainers <pkg-gnutls-maint at lists.alioth.debian.org>


More information about the Natty-changes mailing list