axtls - Debian Package Tracker

general

versioned links

2.1.5+ds-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

action needed

2 security issues in sid high

2 important issues:

CVE-2019-10013: The asn1_signature function in asn1.c in Cameron Hamilton-Rich axTLS through 2.1.5 has a Buffer Overflow that allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted certificate in the TLS certificate handshake message, because the result of get_asn1_length() is not checked for a minimum or maximum size.
CVE-2019-9689: process_certificate in tls1.c in Cameron Hamilton-Rich axTLS through 2.1.5 has a Buffer Overflow via a crafted TLS certificate handshake message with zero certificates.

Created: 2021-02-19 Last update: 2021-03-21 19:04

The package has not entered testing even though the delay is over normal

The package has not entered testing even though the 20-day delay is over. Check why.

Created: 2020-04-06 Last update: 2021-04-17 01:33

lintian reports 4 warnings normal

Lintian reports 4 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2020-07-29 Last update: 2020-08-22 06:03

Build log checks report 1 warning low

Build log checks report 1 warning

Created: 2020-01-14 Last update: 2020-11-09 05:34

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.5.1 instead of 4.4.1).

Created: 2020-01-21 Last update: 2020-11-17 05:41

testing migrations

[2020-04-07] axtls REMOVED from testing (Debian testing watch)
[2020-02-01] axtls 2.1.5+ds-1 MIGRATED to testing (Debian testing watch)
[2020-01-13] Accepted axtls 2.1.5+ds-1 (source amd64) into unstable, unstable (Yangfl) (signed by: Adam Borowski)

bugs [bug history graph]

links

ubuntu