-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 14 Aug 2015 18:28:30 +0200 Source: gnutls28 Binary: libgnutls28-dev libgnutls-deb0-28 libgnutls28-dbg gnutls-bin gnutls-doc guile-gnutls libgnutlsxx28 libgnutls-openssl27 Architecture: all source Version: 3.3.8-6+deb8u3 Distribution: jessie Urgency: medium Maintainer: Debian GnuTLS Maintainers <pkg-gnutls-maint@lists.alioth.debian.org> Changed-By: Andreas Metzler <ametzler@debian.org> Closes: 788704 Description: gnutls-bin - GNU TLS library - commandline utilities gnutls-doc - GNU TLS library - documentation and examples guile-gnutls - GNU TLS library - GNU Guile bindings libgnutls28-dbg - GNU TLS library - debugger symbols libgnutls28-dev - GNU TLS library - development files libgnutls-deb0-28 - GNU TLS library - main runtime library libgnutls-openssl27 - GNU TLS library - OpenSSL wrapper libgnutlsxx28 - GNU TLS library - C++ runtime library Changes: gnutls28 (3.3.8-6+deb8u3) jessie; urgency=medium . * Pull 50_Handle-zero-length-plaintext-for-VIA-PadLock-functio.patch from upstream version 3.3.12 to fix a crash in VIA PadLock asm. (Thanks, Peter Lebbing). Closes: #788704 * Pull 51_0001__gnutls_session_sign_algo_enabled-do-not-consider-an.patch 51_0002_before-falling-back-to-SHA1-as-signature-algorithm-i.patch 51_0003_tests-added-reproducer-for-the-MD5-acceptance-issue.patch (the latter unfuzzed) from GnuTLS 3.3.15 to fix GNUTLS-SA-2015-2. - A ServerKeyExchange signature sent by the server was not verified to be in the acceptable by the client set of algorithms. That had the effect of allowing MD5 signatures (which are disabled by default) in the ServerKeyExchange message. Checksums-Sha1: 3c40d629052a6ae6030b7cd0b1fb1ffa56f35c9e 2941 gnutls28_3.3.8-6+deb8u3.dsc 2e4b9aba3af221807bf33eb87bf0085c4959d980 95104 gnutls28_3.3.8-6+deb8u3.debian.tar.xz ce72f27c1d0cbd51668d2b87e4d762efbb77e5a3 3626674 gnutls-doc_3.3.8-6+deb8u3_all.deb Checksums-Sha256: 5c1cd78b2eb4547377ef5c0894de48945265251dbdca2303526cef894e77e46d 2941 gnutls28_3.3.8-6+deb8u3.dsc fe56f1f7a79b855577a5539202408e91a5a7a57095751550d983368cc0c08f8d 95104 gnutls28_3.3.8-6+deb8u3.debian.tar.xz 4237df1548470db035c271b47a2897b3915d4e39e3cd430e89e1c5f1037dc38a 3626674 gnutls-doc_3.3.8-6+deb8u3_all.deb Files: 8ad07147cab2bc286141c0ffe3fbb85d 2941 libs optional gnutls28_3.3.8-6+deb8u3.dsc 0e8fbda2f8b264a4eb0c8cf9c809466a 95104 libs optional gnutls28_3.3.8-6+deb8u3.debian.tar.xz aca4e24bb39775418512e8e20aa3295d 3626674 doc optional gnutls-doc_3.3.8-6+deb8u3_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCgAGBQJVz0YIAAoJEKVPAYVDghSELZ0QAIU849YPi7KmShrfHQXtwn8u BHniyHxYFJVXiY/NzOi0++o46mNmvB8eoYXV3oxIIbFa2hVlEnGmZCUmTblDdFMf oI0OiK2fZSfnILoYN+Zhrx4y0ZeO3J7ZGb/b2SUc5KyYv34n6Oj12TCH8O1ZL4tm 6D7syrTrG86uXWr20kgfScLq0Vrm/gyKkopuJ35UjkVK5/Yz4G9LusyP0XbB/U6q dFaJhUYw65hpggNJscPJOiFn07akaGM8nmzCBLDU9Iq2UgEIeSwlBwv4HMnFbqJ1 Wl4C+m8JqOpAgH0SiWXc40CeLg/6JVQTz8CNSOpkn1dopTK8SdzF5jL3yGZpZ38B GkXddtZaOFF8AnDe+ztmj5WiYiWLCMGkZkTJAQWc4qfM93s6vvtI1uyPy666iHeR 19YfM2wgEfXqJaaYzydbDmliGLrVRjajzHIWSVNHz2I85tWb8nrkjKDjO8Vv0DcZ jGd9/bZ66VTR+nceSa+2iVb2BNYBkhgGv7cGeQsAkWHxjPwUGFxB7iZ0lZngRqsM UysdAF0Yp7W8ed8aeI7m7SpBigtHroHYWdwow1xDK0tegXlFjN5N5h+IoDWwuCSk dA5+mn3FVsotWHi0NGgIKuuLlz1JoQnRBubL7mDR3sC/hZbjvQBkh38ZrP4EWq+B zxH1gH4si0Nle1neN7jv =HsqL -----END PGP SIGNATURE-----
