-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Thu, 30 Apr 2009 19:00:21 +0200
Source: gnutls26
Binary: libgnutls-dev libgnutls26 libgnutls26-dbg gnutls-bin gnutls-doc guile-gnutls
Architecture: source all i386
Version: 2.6.6-1
Distribution: unstable
Urgency: high
Maintainer: Debian GnuTLS Maintainers <pkg-gnutls-maint@lists.alioth.debian.org>
Changed-By: Andreas Metzler <ametzler@debian.org>
Description:
 gnutls-bin - the GNU TLS library - commandline utilities
 gnutls-doc - the GNU TLS library - documentation and examples
 guile-gnutls - the GNU TLS library - GNU Guile bindings
 libgnutls-dev - the GNU TLS library - development files
 libgnutls26 - the GNU TLS library - runtime library
 libgnutls26-dbg - GNU TLS library - debugger symbols
Changes:
 gnutls26 (2.6.6-1) unstable; urgency=high
 .
   * use @LTLIBTASN1@ instead of @LIBTASN1@ in Libs.private of *.pc.in. This
     way lib-link.m4 gives us -ltasn1 instead of /usr/lib/libtasn1.so.
   * New upstream security release.
     + libgnutls: Corrected double free on signature verification failure.
       GNUTLS-SA-2009-1 CVE-2009-1415
     + libgnutls: Fix DSA key generation. Noticed when investigating the
       previous GNUTLS-SA-2009-1 problem. All DSA keys generated using GnuTLS
       2.6.x are corrupt. See the advisory for more details.
       GNUTLS-SA-2009-2 CVE-2009-1416
     + libgnutls: Check expiration/activation time on untrusted certificates.
       Before the library did not check activation/expiration times on
       certificates, and was documented as not doing so.
       GNUTLS-SA-2009-3 CVE-2009-1417
   * The former two issues only apply to gnutls 2.6.x. The latter is a
     behavior change, add a NEWS.Debian file to document it.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkn54lwACgkQHTOcZYuNdmN7TwCggpJ66EmGZr/EpbDt0RexRMO9
NiEAn2KK8HSShK0fIORVi6p1FxOAXq0b
=nl+3
-----END PGP SIGNATURE-----


Accepted:
gnutls-bin_2.6.6-1_i386.deb
  to pool/main/g/gnutls26/gnutls-bin_2.6.6-1_i386.deb
gnutls-doc_2.6.6-1_all.deb
  to pool/main/g/gnutls26/gnutls-doc_2.6.6-1_all.deb
gnutls26_2.6.6-1.diff.gz
  to pool/main/g/gnutls26/gnutls26_2.6.6-1.diff.gz
gnutls26_2.6.6-1.dsc
  to pool/main/g/gnutls26/gnutls26_2.6.6-1.dsc
gnutls26_2.6.6.orig.tar.gz
  to pool/main/g/gnutls26/gnutls26_2.6.6.orig.tar.gz
guile-gnutls_2.6.6-1_i386.deb
  to pool/main/g/gnutls26/guile-gnutls_2.6.6-1_i386.deb
libgnutls-dev_2.6.6-1_i386.deb
  to pool/main/g/gnutls26/libgnutls-dev_2.6.6-1_i386.deb
libgnutls26-dbg_2.6.6-1_i386.deb
  to pool/main/g/gnutls26/libgnutls26-dbg_2.6.6-1_i386.deb
libgnutls26_2.6.6-1_i386.deb
  to pool/main/g/gnutls26/libgnutls26_2.6.6-1_i386.deb