[USN-2913-4] GnuTLS update

Marc Deslauriers marc.deslauriers at canonical.com
Wed Feb 24 17:40:21 UTC 2016

Ubuntu Security Notice USN-2913-4
February 24, 2016

gnutls26 update

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 14.04 LTS
- Ubuntu 12.04 LTS


Updated GnuTLS packages are required for the USN-2913-1 update.

Software Description:
- gnutls26: GNU TLS library


USN-2913-1 removed 1024-bit RSA CA certificates from the ca-certificates
package. This update adds support for alternate certificate chains to the
GnuTLS package to properly handle the removal.

Original advisory details:

 The ca-certificates package contained outdated CA certificates. This update
 refreshes the included certificates to those contained in the 20160104
 package, including the removal of the SPI CA and CA certificates with
 1024-bit RSA keys.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 14.04 LTS:
  libgnutls26                     2.12.23-12ubuntu2.5

Ubuntu 12.04 LTS:
  libgnutls26                     2.12.14-5ubuntu3.12

After a standard system update you need to reboot your computer to make
all the necessary changes.


Package Information:

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-security-announce/attachments/20160224/5da2c911/attachment.sig>

More information about the ubuntu-security-announce mailing list