[ubuntu/trusty-security] gnutls28 3.2.11-2ubuntu1.1 (Accepted)

Thu Jun 11 18:12:05 UTC 2015

gnutls28 (3.2.11-2ubuntu1.1) trusty-security; urgency=medium

  [ Gianfranco Costamagna ]
  * SECURITY UPDATE: Denial of service and possible remote arbitrary code
    execution via crafted ServerHello message
    - debian/patches/21_CVE-2014-3466.patch: Add upper bounds check for
      session id size. Based on upstream patch. (LP: #1326779)

  [ Tyler Hicks ]
  * debian/patches/21_CVE-2014-3466.patch: Fold in the test for
    CVE-2014-3466's fix. Based on upstream patch.

Date: 2015-06-11 16:48:29.790654+00:00
Changed-By: Tyler Hicks <tyhicks at canonical.com>
https://launchpad.net/ubuntu/+source/gnutls28/3.2.11-2ubuntu1.1
-------------- next part --------------
Sorry, changesfile not available.