[ubuntu/utopic-proposed] gnutls26 2.12.23-15ubuntu2 (Accepted)
Marc Deslauriers
marc.deslauriers at ubuntu.com
Mon Jun 2 12:41:15 UTC 2014
gnutls26 (2.12.23-15ubuntu2) utopic; urgency=medium
* SECURITY UPDATE: memory corruption due to server hello parsing
- debian/patches/CVE-2014-3466.patch: validate session_id_len in
lib/gnutls_handshake.c.
- CVE-2014-3466
Date: Sun, 01 Jun 2014 11:02:11 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/utopic/+source/gnutls26/2.12.23-15ubuntu2
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 01 Jun 2014 11:02:11 -0400
Source: gnutls26
Binary: libgnutls-dev libgnutls26 libgnutls26-dbg gnutls26-doc libgnutlsxx27
Architecture: source
Version: 2.12.23-15ubuntu2
Distribution: utopic
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
gnutls26-doc - GNU TLS library 2.x - documentation and examples
libgnutls-dev - GNU TLS library - development files
libgnutls26 - GNU TLS library - runtime library
libgnutls26-dbg - GNU TLS library - debugger symbols
libgnutlsxx27 - GNU TLS library - C++ runtime library
Changes:
gnutls26 (2.12.23-15ubuntu2) utopic; urgency=medium
.
* SECURITY UPDATE: memory corruption due to server hello parsing
- debian/patches/CVE-2014-3466.patch: validate session_id_len in
lib/gnutls_handshake.c.
- CVE-2014-3466
Checksums-Sha1:
9eda8874ba3f1562ce5c0f93de72a7e4afd0972f 2658 gnutls26_2.12.23-15ubuntu2.dsc
9d8e9faa8cc5e6f0363933753a119acac7ce5c4f 31552 gnutls26_2.12.23-15ubuntu2.debian.tar.xz
Checksums-Sha256:
4eeb50a23365fa205071d7f92d0b05ba1740d5189e5d958afe85cab326ae9311 2658 gnutls26_2.12.23-15ubuntu2.dsc
2a3b6bf368f83df12b82f687df57b8029856d53675f80f96a818cbc7622f73ae 31552 gnutls26_2.12.23-15ubuntu2.debian.tar.xz
Files:
f46fb84f3f40f6f5754ae44ee8f45ed5 2658 libs optional gnutls26_2.12.23-15ubuntu2.dsc
f6346cffc66a8f5948f3254c7ae5cd27 31552 libs optional gnutls26_2.12.23-15ubuntu2.debian.tar.xz
Original-Maintainer: Debian GnuTLS Maintainers <pkg-gnutls-maint at lists.alioth.debian.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCgAGBQJTjHCFAAoJEGVp2FWnRL6TreoQAJ2H8H23PJ9b5Q9obhxMssHU
g9TvtNnR7Dj4pEGGotKCXeeW82HAKaO1Cls8TOKQUimfy6wPaopnEgmHqb75AKcI
EIQCn0lF9X2gsjMnLo3P6yqGMX+r/S/LS34ZPgsQkaNOp3oX5oCNE8YqVA9YwcFD
zcw4hdZn8mcB/0NxWnpoeBWz3ikmjhtnFj4ElfJBz5qnLgCEQbVQg0VJk4QCdfvZ
cVpT1MoV9h5/HgU+pUprXHjPv00x3VF3+Myid38mO688VJESfHenkkBsI76vZOuw
2P36gSEBI2pXVMO9SS4nj7mql8cFanMxzpk30axNjNQg/6seMPp1cnZ490OPDCQY
VRkVtgBIpazzQRXGnXlvn70fYJnEixTghWzKS3HAh6v20CiJdxSB00F3O/rvgq4g
hi3QCW8SGpTD9qDwT0PfzVHnqcApBeckGPfGtog/hhvCMBNBBdH0+Ahibhok78st
ac2dMW2M7EPm/kHCyUsIy/RgScRJCtN5V0aPlAZXbQw3rnZKAnnk/w20Y9BLG1Gn
ESJ98LERv2OFoR69Z8JE/Azi9HUC7VPyvEr/+zUFVapbU+MMrvRQgT09AxevZ0y1
lDNsnPKV9N7uYrKrpr5k4Vz6bUwLFJrxoCgNacFwwdFQSlLRcKba8X7Msy2Y+Bnv
zVnl3xcXJ8TbjAE9xXgy
=VEwM
-----END PGP SIGNATURE-----
More information about the Utopic-changes
mailing list