[Bug 69242] Please sync gnutls13 (main) from unstable (main)

Martin Pitt martin.pitt at ubuntu.com
Mon Oct 30 09:12:33 GMT 2006 

Public bug reported:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 affects distros/ubuntu/gnutls13
 status confirmed
 subscribe ubuntu-archive

Please sync gnutls13 (main) from Debian unstable (main).

Changelog since current edgy version 1.4.0-3ubuntu1:

gnutls13 (1.4.4-2) unstable; urgency=low

  [ Andreas Metzler ]
  * Add a watchfile.
  * Fix debian/copyright.
    - Do not use "copyright" as title of a paragraph listing licenses.
      (Closes: #290194)
    - Add a copy of the FDL 1.2 to debian/copyright.

 -- Andreas Metzler <ametzler at debian.org>  Tue, 12 Sep 2006 19:57:49
+0200

gnutls13 (1.4.4-1) unstable; urgency=high

  [ Andreas Metzler ]
  * New upstream version 1.4.4
    - Updated fix for GNUTLS-SA-2006-4, that is not too strict and doesn't
      crash mutt. (closes: #386725)
      GNUTLS-SA-2006-4 is CVE-2006-4790.

 -- Andreas Metzler <ametzler at debian.org>  Tue, 12 Sep 2006 19:09:47
+0200

gnutls13 (1.4.3-2) unstable; urgency=low

  * the lesser of two weevils release.
  [ Andreas Metzler ]
  * Revert patch for GNUTLS-SA-2006-4 as it caused segmentation faults in
    various programs, including mutt. (closes: #386680)

 -- Andreas Metzler <ametzler at debian.org>  Sat,  9 Sep 2006 19:29:52
+0200

gnutls13 (1.4.3-1) unstable; urgency=high

  [ Andreas Metzler ]
  * New upstream version 1.4.3.
    - Fix PKCS#1 verification to avoid a variant of Bleichenbacher's Crypto 06
      rump session attack. GNUTLS-SA-2006-4
    - Fix PKCS#1 decryption to avoid Bleichenbacher's Crypto 98 attack..
      GNUTLS-SA-2006-3
    - Fix crash in gnutls_x509_crt_sign2 if passed a NULL issuer_key.

 -- Andreas Metzler <ametzler at debian.org>  Fri,  8 Sep 2006 19:12:33
+0200

gnutls13 (1.4.2-1) unstable; urgency=medium

  [ Andreas Metzler ]
  * New upstream bugfix release.
    - Fixes a crash in the certificate verification logic.

 -- Andreas Metzler <ametzler at debian.org>  Sat, 12 Aug 2006 10:44:16
+0200

gnutls13 (1.4.1-1) unstable; urgency=low

  [ James Westby ]
  * New upstream release.
  * Remove the following patches as they are now included upstream:
    - 10_certtoolmanpage.diff
    - 15_fixcompilewarning.diff
    - 30_man_hyphen_*.patch
  * Link the API reference in /usr/share/gtk-doc/html as gnutls rather than
    gnutls-api so that devhelp can find it.

 -- Andreas Metzler <ametzler at debian.org>  Sat, 15 Jul 2006 11:11:08
+0200


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)

iD8DBQFFRcH/DecnbV4Fd/IRAtHEAJ4nBemRKqOPK1jFzn8kgzUOZX6+dQCg2WAR
g1p8HmHqXYeJBWDdmy18TK8=
=4VNb
-----END PGP SIGNATURE-----

** Affects: gnutls13 (Ubuntu)
     Importance: Undecided
         Status: Confirmed

-- 
Please sync gnutls13 (main) from unstable (main)
https://launchpad.net/bugs/69242

More information about the ubuntu-archive mailing list