-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160
Format: 1.8
Date: Thu, 07 Feb 2013 10:19:02 +0100
Source: gnutls28
Binary: libgnutls28-dev libgnutls28 libgnutls28-dbg gnutls-bin gnutls-doc guile-gnutls libgnutlsxx28
Architecture: source all i386
Version: 3.0.22-3
Distribution: unstable
Urgency: high
Maintainer: Debian GnuTLS Maintainers <pkg-gnutls-maint@lists.alioth.debian.org>
Changed-By: Andreas Metzler <ametzler@debian.org>
Description:
gnutls-bin - GNU TLS library - commandline utilities
gnutls-doc - GNU TLS library - documentation and examples
guile-gnutls - GNU TLS library - GNU Guile bindings
libgnutls28 - GNU TLS library - main runtime library
libgnutls28-dbg - GNU TLS library - debugger symbols
libgnutls28-dev - GNU TLS library - development files
libgnutlsxx28 - GNU TLS library - C++ runtime library
Changes:
gnutls28 (3.0.22-3) unstable; urgency=high
.
* Pull the same set of fixes included in gnutls26 2.12.20-4 for gnutls28,
if they are missing. (34_pkcs11_memleak.diff was part of 3.0.14.):
+40_Prevent-the-usage-of-strlen-on-null-values.patch Fix segfault caused
by running strlen() on NULL. See #647747.
+41_Tolerate-key-usage-violation.patch Always tolerate key usage
violation errors from the side of the peer, but also notify via an
audit message.
+42_Corrected-bugs-in-record-parsing.patch Fix record padding parsing
issue. This was also reported in the "lucky thirteen" paper.
+43_Stricter-RSA-PKCS-1-1.5-encoding.-Reported-by-Kikuch.patch Fixes
random handshake failures with non-GnuTLS implementations.
+45_Fixes-to-avoid-a-timing-attack-in-TLS-CBC-record-par.patch
(GNUTLS-SA-2013-1) TLS CBC padding timing attack. CVE-2013-0169
CVE-2013-1619.
Checksums-Sha1:
a260ecfb5d77ad24ee392f25e50aa7be5a95218b 1960 gnutls28_3.0.22-3.dsc
abb037f56401d6df6bb0f7a342a3ea5afc313826 32822 gnutls28_3.0.22-3.debian.tar.gz
a98373affde8a7a5910d008a700ead11ec6b6f09 3213972 gnutls-doc_3.0.22-3_all.deb
4f5e7258dfddf284b5c364eaa8d334b4946f9614 830358 libgnutls28-dev_3.0.22-3_i386.deb
5bdd1508d5e91a93e1f9b19046e9e4c51501080f 716522 libgnutls28_3.0.22-3_i386.deb
cd4c001b3a3785160032e708c08855182e409428 2167144 libgnutls28-dbg_3.0.22-3_i386.deb
d69018ef01296811be966a6d3bcd235ac7894dd3 436144 gnutls-bin_3.0.22-3_i386.deb
4252e22c9c3d5df9d31358d67ca99e4fbf5eb213 280100 guile-gnutls_3.0.22-3_i386.deb
23e773992e1e6cfa196b2165a8b5231305862c81 21486 libgnutlsxx28_3.0.22-3_i386.deb
Checksums-Sha256:
381ce4b332e931b6b08dc41530bcf69e1252747be75ec7d176a62574fea4b7b3 1960 gnutls28_3.0.22-3.dsc
b4456046235ec526f21cdecae85d626f6e0c13939511fda7ad6f7681c3789fba 32822 gnutls28_3.0.22-3.debian.tar.gz
1952b2bd3592794eeafa45955925af21e70950202a521efd4274b3ed22a5b507 3213972 gnutls-doc_3.0.22-3_all.deb
522a165d7ee83acff355c3d17fee98b872238ff210bfc84aaa42e8c48496944e 830358 libgnutls28-dev_3.0.22-3_i386.deb
19033d6dec38b107c3f7c2f79e7af7860d6d2f359d1a91f707e4af350811b08f 716522 libgnutls28_3.0.22-3_i386.deb
713247f474d41813f66d891befc8628a424e59698908fd5557fddc9512d55dc1 2167144 libgnutls28-dbg_3.0.22-3_i386.deb
f88330bb6b4253be3053f0c0665148c290c7bb1c7d444eb70ad3243cb408a5c1 436144 gnutls-bin_3.0.22-3_i386.deb
35ea6036929b0f0f561396f14564617cc8aef3545e4bdac461fd11418c46af1a 280100 guile-gnutls_3.0.22-3_i386.deb
5072cf52759ab516e0a953c03ca2b940e7dc21106d922623dd92a72091ed13ba 21486 libgnutlsxx28_3.0.22-3_i386.deb
Files:
31c32c10a77c011f1a0d71132cac4500 1960 libs optional gnutls28_3.0.22-3.dsc
00512bc148437c249770199b80901e6b 32822 libs optional gnutls28_3.0.22-3.debian.tar.gz
fe353cadf5d85bf5d2a89737e23cb9ba 3213972 doc optional gnutls-doc_3.0.22-3_all.deb
fbc2987c1b134c052b19415eb1e8b123 830358 libdevel optional libgnutls28-dev_3.0.22-3_i386.deb
6ba2250204788bb26e6808e9f33a55c7 716522 libs standard libgnutls28_3.0.22-3_i386.deb
d852d5cf841619f140e6069794cb1934 2167144 debug extra libgnutls28-dbg_3.0.22-3_i386.deb
34e4c57fc23612bf11c9d25584d95a39 436144 net optional gnutls-bin_3.0.22-3_i386.deb
04a959547293e57621ce9a9932b124b4 280100 lisp optional guile-gnutls_3.0.22-3_i386.deb
cbd96caa33a5758151999de7d1db204f 21486 libs extra libgnutlsxx28_3.0.22-3_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iEYEAREDAAYFAlETedcACgkQHTOcZYuNdmNEZgCfZlNS98XQ6fC6nVZONSDylf8j
xegAnAhDa4rd2eO/2/NClClHahWrxftp
=xW4y
-----END PGP SIGNATURE-----
