Debian Package Tracker

From: Raphaël Hertzog <hertzog@debian.org>
To: <debian-lts-changes@lists.debian.org>
Subject: Accepted gnutls26 2.8.6-1+squeeze5 (source all amd64) into squeeze-lts
Date: Wed, 25 Mar 2015 07:48:45 +0000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Mon, 23 Mar 2015 16:26:52 +0100
Source: gnutls26
Binary: libgnutls-dev libgnutls26 libgnutls26-dbg gnutls-bin gnutls-doc guile-gnutls
Architecture: source all amd64
Version: 2.8.6-1+squeeze5
Distribution: squeeze-lts
Urgency: high
Maintainer: Debian GnuTLS Maintainers <pkg-gnutls-maint@lists.alioth.debian.org>
Changed-By: Raphaël Hertzog <hertzog@debian.org>
Description: 
 gnutls-bin - the GNU TLS library - commandline utilities
 gnutls-doc - the GNU TLS library - documentation and examples
 guile-gnutls - the GNU TLS library - GNU Guile bindings
 libgnutls-dev - the GNU TLS library - development files
 libgnutls26 - the GNU TLS library - runtime library
 libgnutls26-dbg - GNU TLS library - debugger symbols
Changes: 
 gnutls26 (2.8.6-1+squeeze5) squeeze-lts; urgency=high
 .
   * Non-maintainer upload by the Debian LTS Team.
   * Includes multiple security fixes:
     - CVE-2014-8155: missing date/time checks on CA certificates
     - CVE-2015-0282: GnuTLS does not verify the RSA PKCS #1 signature
       algorithm to match the signature algorithm in the certificate, leading to
       a potential downgrade to a disallowed algorithm without detecting it.
       (Backported patch prepared by the Red Hat security team.)
     - CVE-2015-0294: GnuTLS does not check whether the two signature
       algorithms match on certificate import.
Checksums-Sha1: 
 b5ae1d514a58b444413e7bce3d8ef4c1235cb063 1965 gnutls26_2.8.6-1+squeeze5.dsc
 c7183c583d73e56071ee4238d053f3a288a68aae 26022 gnutls26_2.8.6-1+squeeze5.debian.tar.gz
 fe0fae47c3736f879467eabde4035245dd031e10 3064720 gnutls-doc_2.8.6-1+squeeze5_all.deb
 7ea9a6db1c3857444ec242343ba5f9cd8702819e 638786 libgnutls-dev_2.8.6-1+squeeze5_amd64.deb
 9c10e4b826204e0faec65ac1989fda6656feb8c4 561724 libgnutls26_2.8.6-1+squeeze5_amd64.deb
 ac3ba89fb584f128c145ed8eac3283552457cfb7 1113588 libgnutls26-dbg_2.8.6-1+squeeze5_amd64.deb
 943fe7b4ed086ae4d2b74358adbcbb0428d03847 334780 gnutls-bin_2.8.6-1+squeeze5_amd64.deb
 d2e4e70f981e36642734c457cfe4a3398b154972 259496 guile-gnutls_2.8.6-1+squeeze5_amd64.deb
Checksums-Sha256: 
 7e7b728455743437480ef3a32d0bc4b7353a76b85d40d37fedab05aa93530af7 1965 gnutls26_2.8.6-1+squeeze5.dsc
 5a5f07e40716f983a69b1fa13bb4e62cda1b2906063a555ee602b11b792ea88c 26022 gnutls26_2.8.6-1+squeeze5.debian.tar.gz
 d38a943d6b2bcfdcd0dcb1ea23ebfa8cd9cab41aeb8443916ee4e14cae40ebcc 3064720 gnutls-doc_2.8.6-1+squeeze5_all.deb
 2441ef579f3dcce0ae7acc7d46c6c70446417a6cede379438b3caa0b822f5d75 638786 libgnutls-dev_2.8.6-1+squeeze5_amd64.deb
 b40dd1e2b071f71e355e096f5bdfa0c395094ef862989f8427a20406e58a1f09 561724 libgnutls26_2.8.6-1+squeeze5_amd64.deb
 0f4718ffb2d88924f9dd36a3743594aea6df176b3e560d666f1e137c61d93e04 1113588 libgnutls26-dbg_2.8.6-1+squeeze5_amd64.deb
 373ff7826913b05db203016e227d419f238bac00488fded759ba62f9b80913ea 334780 gnutls-bin_2.8.6-1+squeeze5_amd64.deb
 f5a54694a92e2cef692b508a0d67e2432e618ab34ac834ba1560947225d1f285 259496 guile-gnutls_2.8.6-1+squeeze5_amd64.deb
Files: 
 11c93cd6b36b3accd8917724c4e4c621 1965 libs optional gnutls26_2.8.6-1+squeeze5.dsc
 f8c8efdb97f11985f70f0a23659bf1c3 26022 libs optional gnutls26_2.8.6-1+squeeze5.debian.tar.gz
 de33fe5e8e2db99f844eb51653ee7465 3064720 doc optional gnutls-doc_2.8.6-1+squeeze5_all.deb
 48a03e003a7e98f4d04aa27529508c80 638786 libdevel optional libgnutls-dev_2.8.6-1+squeeze5_amd64.deb
 6dace38437decd9fe3a103d147b65df5 561724 libs standard libgnutls26_2.8.6-1+squeeze5_amd64.deb
 6f00b9b6ded39e716fa29e28bb0a96ad 1113588 debug extra libgnutls26-dbg_2.8.6-1+squeeze5_amd64.deb
 34e66a6464c6d3221530f32e6cc13913 334780 net optional gnutls-bin_2.8.6-1+squeeze5_amd64.deb
 20479ad9d86576b8e87e5651ed310f62 259496 lisp optional guile-gnutls_2.8.6-1+squeeze5_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
Comment: Signed by Raphael Hertzog

iQEcBAEBCAAGBQJVEmdTAAoJEAOIHavrwpq52JYH/3biBcGUptuikvZmY3gcDtBF
ywGWOIBfwktu+nlolNY7VNFpewiOdlmIJliMMQRKUzQEXQEX7yo1sGZ8iDTMY32p
uqNQI/MZci1mco2A3ABtOoE7AohThS5klQZXyoQteOP1ZICZ0jiSCRWtgQdgALHM
sQmpkdWNnKcwj9ywENkhItPjXwaEgv/4yZEy76WbOujwrrdtJlQwt6QN9APrPu9S
d+YiRSCKIZ4wtCPtli9KD4D4xzXfxu2Iz81GnshqJ68+tdHhM/RZ7aPIurfJsXnh
IanUCEnMvLA7jOKpNoHV5N+tn6KoNzeIXonFly2XI2H6MOva4YwmZyvcVxrSdiM=
=uHHt
-----END PGP SIGNATURE-----
News for package gnutls26
