Package "gnutls26"

Name:	gnutls26
Description:	This package is just an umbrella for a group of other packages, it has no description. Description samples from packages in group: GNU TLS library - commandline utilities GNU TLS library - documentation and examples GNU TLS library - development files GNU TLS library - OpenSSL wrapper
Latest version:	2.12.14-5ubuntu3.14
Release:	precise (12.04)
Level:	updates
Repository:	main

Links

Raw Package Information

All versions of this package

Bug fixes

List of files in package

Repository home page

Other versions of "gnutls26" in Precise

Repository	Area	Version
base	main	2.12.14-5ubuntu3
security	main	2.12.14-5ubuntu3.14

Packages in group

Deleted packages are displayed in grey.

Changelog

Version: 2.12.14-5ubuntu3.9 2015-03-23 21:06:48 UTC

gnutls26 (2.12.14-5ubuntu3.9) precise-security; urgency=medium * SECURITY UPDATE: signature forgery issue - debian/patches/CVE-2015-0282.patch: make sure the signature algorithms match in lib/gnutls_algorithms.c, lib/gnutls_algorithms.h, lib/gnutls_pubkey.c, lib/gnutls_sig.c, lib/x509/common.h, lib/x509/crq.c, lib/x509/privkey.c, lib/x509/verify.c, lib/x509/x509.c, lib/x509/x509_int.h. - CVE-2015-0282 * SECURITY UPDATE: certificate algorithm consistency issue - debian/patches/CVE-2015-0294.patch: make sure the two signature algorithms match on cert import in lib/x509/x509.c. - CVE-2015-0294 -- Marc Deslauriers <email address hidden> Fri, 20 Mar 2015 09:26:34 -0400

Source diff to previous version

CVE-2015-0282	Signature forgery
CVE-2015-0294	certificate algorithm consistency checking issue

Version: 2.12.14-5ubuntu3.8	2014-06-02 15:06:58 UTC
`gnutls26 (2.12.14-5ubuntu3.8) precise-security; urgency=medium * SECURITY UPDATE: memory corruption due to server hello parsing - debian/patches/CVE-2014-3466.patch: validate session_id_len in lib/gnutls_handshake.c. - CVE-2014-3466 -- Marc Deslauriers <email address hidden> Sun, 01 Jun 2014 11:04:42 -0400`
Source diff to previous version

Version: 2.12.14-5ubuntu3.7	2014-03-04 15:07:11 UTC
`gnutls26 (2.12.14-5ubuntu3.7) precise-security; urgency=medium * SECURITY UPDATE: certificate validation bypass - debian/patches/CVE-2014-0092.patch: correct return codes in lib/x509/verify.c. - CVE-2014-0092 -- Marc Deslauriers <email address hidden> Mon, 03 Mar 2014 14:16:13 -0500`
Source diff to previous version

Version: 2.12.14-5ubuntu3.6 2014-02-25 18:06:32 UTC

gnutls26 (2.12.14-5ubuntu3.6) precise-security; urgency=medium * SECURITY UPDATE: incorrect v1 intermediate cert handling - debian/patches/CVE-2014-1959.patch: don't consider a v1 intermediate cert to be a valid CA by default in lib/x509/verify.c. - CVE-2014-1959 -- Marc Deslauriers <email address hidden> Mon, 24 Feb 2014 14:01:03 -0500

Source diff to previous version

CVE-2014-1959

GNUTLS-SA-2014-1

Version: 2.12.14-5ubuntu3.5 2013-09-27 12:07:26 UTC

gnutls26 (2.12.14-5ubuntu3.5) precise-proposed; urgency=low * debian/patches/26_ignore_key_usage_violation.patch: Prints debug message on key usage violation rather than treating the violation as fatal. (LP: #1207123) -- Adam Stokes <email address hidden> Mon, 05 Aug 2013 11:57:10 -0400

1207123

Key usage violation in certificate has been detected

About - Send Feedback to @ubuntu_updates

Package "gnutls26"

Links

Other versions of "gnutls26" in Precise

Packages in group

Changelog

Share this page

Bookmarks

Latest updates

proposed

updates

security

PPA updates