axtls - Debian Package Tracker

general

versioned links

2.1.5+ds-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

action needed

Multiarch hinter reports 1 issue(s) high

There are issues with the multiarch metadata for this package.

libaxtls-dev conflicts on /usr/share/doc/libaxtls-dev/samples/c/axssl.o.gz on any two of arm64, armel, armhf, i386, and 4 more

Created: 2021-12-27 Last update: 2022-05-19 03:10

2 security issues in sid high

2 important issues:

CVE-2019-9689: process_certificate in tls1.c in Cameron Hamilton-Rich axTLS through 2.1.5 has a Buffer Overflow via a crafted TLS certificate handshake message with zero certificates.
CVE-2019-10013: The asn1_signature function in asn1.c in Cameron Hamilton-Rich axTLS through 2.1.5 has a Buffer Overflow that allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted certificate in the TLS certificate handshake message, because the result of get_asn1_length() is not checked for a minimum or maximum size.

Created: 2021-02-19 Last update: 2021-12-05 06:30

2 security issues in bookworm high

There are 2 open security issues in bookworm.

2 important issues:

CVE-2019-9689: process_certificate in tls1.c in Cameron Hamilton-Rich axTLS through 2.1.5 has a Buffer Overflow via a crafted TLS certificate handshake message with zero certificates.
CVE-2019-10013: The asn1_signature function in asn1.c in Cameron Hamilton-Rich axTLS through 2.1.5 has a Buffer Overflow that allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted certificate in the TLS certificate handshake message, because the result of get_asn1_length() is not checked for a minimum or maximum size.

Created: 2021-09-25 Last update: 2021-09-25 05:30

The package has not entered testing even though the delay is over normal

The package has not entered testing even though the 2-day delay is over. Check why.

Created: 2021-10-10 Last update: 2022-05-19 08:32

lintian reports 4 warnings normal

Lintian reports 4 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2020-07-29 Last update: 2020-08-22 06:03

Build log checks report 1 warning low

Build log checks report 1 warning

Created: 2020-01-14 Last update: 2020-11-09 05:34

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.6.1 instead of 4.4.1).

Created: 2020-01-21 Last update: 2022-05-11 23:25

testing migrations

[2021-10-11] axtls REMOVED from testing (Debian testing watch)
[2021-09-25] axtls 2.1.5+ds-1 MIGRATED to testing (Debian testing watch)
[2020-04-07] axtls REMOVED from testing (Debian testing watch)
[2020-02-01] axtls 2.1.5+ds-1 MIGRATED to testing (Debian testing watch)
[2020-01-13] Accepted axtls 2.1.5+ds-1 (source amd64) into unstable, unstable (Yangfl) (signed by: Adam Borowski)

bugs [bug history graph]

links

ubuntu