[ubuntu/xenial-updates] gnutls28 3.4.10-4ubuntu1.2 (Accepted)
Ubuntu Archive Robot
cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Wed Feb 1 18:28:22 UTC 2017
gnutls28 (3.4.10-4ubuntu1.2) xenial-security; urgency=medium
* SECURITY UPDATE: OCSP validation issue
- debian/patches/CVE-2016-7444.patch: correctly verify the serial
length in lib/x509/ocsp.c.
- CVE-2016-7444
* SECURITY UPDATE: denial of service via warning alerts
- debian/patches/CVE-2016-8610.patch: set a maximum number of warning
messages in lib/gnutls_int.h, lib/gnutls_handshake.c,
lib/gnutls_state.c.
- CVE-2016-8610
* SECURITY UPDATE: double-free when reading proxy language
- debian/patches/CVE-2017-5334.patch: fix double-free in
lib/x509/x509_ext.c.
- CVE-2017-5334
* SECURITY UPDATE: out of memory error in stream reading functions
- debian/patches/CVE-2017-5335.patch: add error checking to
lib/opencdk/read-packet.c.
- CVE-2017-5335
* SECURITY UPDATE: stack overflow in cdk_pk_get_keyid
- debian/patches/CVE-2017-5336.patch: check return code in
lib/opencdk/pubkey.c.
- CVE-2017-5336
* SECURITY UPDATE: heap read overflow when reading streams
- debian/patches/CVE-2017-5337.patch: add more precise checks to
lib/opencdk/read-packet.c.
- CVE-2017-5337
* debian/patches/fix_expired_certs.patch: use datefudge to fix test with
expired certs.
Date: 2017-01-26 19:18:21.817877+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/gnutls28/3.4.10-4ubuntu1.2
-------------- next part --------------
Sorry, changesfile not available.
More information about the Xenial-changes
mailing list