Debian Package Tracker

From: Andreas Metzler <ametzler@debian.org>
To: <debian-changes@lists.debian.org>
Subject: Accepted gnutls11 1.0.16-13.2sarge2 (source i386)
Date: Sat, 28 Oct 2006 08:25:37 -0700
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Sat, 16 Sep 2006 13:23:30 +0200
Source: gnutls11
Binary: libgnutls11 libgnutls11-dev gnutls-bin libgnutls11-dbg
Architecture: source i386
Version: 1.0.16-13.2sarge2
Distribution: stable-security
Urgency: high
Maintainer: Matthias Urlichs <smurf@debian.org>
Changed-By: Andreas Metzler <ametzler@debian.org>
Description: 
 gnutls-bin - GNU TLS library - commandline utilities
 libgnutls11 - GNU TLS library - runtime library
 libgnutls11-dbg - GNU TLS library - debugger symbols
 libgnutls11-dev - GNU TLS library - development files
Changes: 
 gnutls11 (1.0.16-13.2sarge2) stable-security; urgency=high
 .
   * Pulled from upstream 1.4.2-->1.4.4:
        Fix PKCS#1 verification to avoid a variant of Bleichenbacher's Crypto
        06 rump session attack. See
        <http://www.imc.org/ietf-openpgp/mail-archive/msg14307.html> (which is
        not exactly the same as the problem we fix here).  Reported by Yutaka
        OIWA <y.oiwa@aist.go.jp>.
 .
        See GNUTLS-SA-2006-4 on http://www.gnutls.org/security.html for more
        information.
     CVE-2006-4790
Files: 
 72116e13ca8af0d4c0420a6a5fba01fb 820 devel optional gnutls11_1.0.16-13.2sarge2.dsc
 7b410fa3c563c7988e434a8c8671b3cd 1504638 devel optional gnutls11_1.0.16.orig.tar.gz
 46c4495ad9c32f53a362669432b548d0 346146 devel optional gnutls11_1.0.16-13.2sarge2.diff.gz
 e649a2f476791e825c923003b152484c 370390 libdevel optional libgnutls11-dev_1.0.16-13.2sarge2_i386.deb
 7af47286dd7a1fca42f80b1dfd87bb7d 301988 libs important libgnutls11_1.0.16-13.2sarge2_i386.deb
 c5e07873a863d46892921effa3423038 558658 devel optional libgnutls11-dbg_1.0.16-13.2sarge2_i386.deb
 3a6b6996db3db6bd92947fb552b61599 206826 net optional gnutls-bin_1.0.16-13.2sarge2_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFFEEoyXm3vHE4uyloRAnJTAKC0EG58FWZ6CdJMOmFlrQhrf2n1vQCg6/3h
SsS7Ovw5foFWlwETy9FIv1M=
=UAEP
-----END PGP SIGNATURE-----


Accepted:
gnutls-bin_1.0.16-13.2sarge2_i386.deb
  to pool/main/g/gnutls11/gnutls-bin_1.0.16-13.2sarge2_i386.deb
gnutls11_1.0.16-13.2sarge2.diff.gz
  to pool/main/g/gnutls11/gnutls11_1.0.16-13.2sarge2.diff.gz
gnutls11_1.0.16-13.2sarge2.dsc
  to pool/main/g/gnutls11/gnutls11_1.0.16-13.2sarge2.dsc
libgnutls11-dbg_1.0.16-13.2sarge2_i386.deb
  to pool/main/g/gnutls11/libgnutls11-dbg_1.0.16-13.2sarge2_i386.deb
libgnutls11-dev_1.0.16-13.2sarge2_i386.deb
  to pool/main/g/gnutls11/libgnutls11-dev_1.0.16-13.2sarge2_i386.deb
libgnutls11_1.0.16-13.2sarge2_i386.deb
  to pool/main/g/gnutls11/libgnutls11_1.0.16-13.2sarge2_i386.deb
News for package gnutls11
