[Pkg-gnutls-commits] r824 - in /packages/gnutls26/branches/branch2.4.2-6lenny/debian: changelog libgnutls26.NEWS patches/26_CVE-2009-2730.diff patches/27_fix_openpgp.diff

ametzler at users.alioth.debian.org ametzler at users.alioth.debian.org
Sat Jan 9 14:20:22 UTC 2010 

Author: ametzler
Date: Sat Jan  9 14:20:21 2010
New Revision: 824

URL: http://svn.debian.org/wsvn/pkg-gnutls/?sc=1&rev=824
Log:
import 2.4.2-6+lenny2 security upload.

Removed:
    packages/gnutls26/branches/branch2.4.2-6lenny/debian/libgnutls26.NEWS
    packages/gnutls26/branches/branch2.4.2-6lenny/debian/patches/27_fix_openpgp.diff
Modified:
    packages/gnutls26/branches/branch2.4.2-6lenny/debian/changelog
    packages/gnutls26/branches/branch2.4.2-6lenny/debian/patches/26_CVE-2009-2730.diff

Modified: packages/gnutls26/branches/branch2.4.2-6lenny/debian/changelog
URL: http://svn.debian.org/wsvn/pkg-gnutls/packages/gnutls26/branches/branch2.4.2-6lenny/debian/changelog?rev=824&op=diff
==============================================================================
--- packages/gnutls26/branches/branch2.4.2-6lenny/debian/changelog (original)
+++ packages/gnutls26/branches/branch2.4.2-6lenny/debian/changelog Sat Jan  9 14:20:21 2010
@@ -1,13 +1,10 @@
-gnutls26 (2.4.2-6+lenny1.1) stable-security; urgency=low
-
-  * Fixes for CVE-2009-2730 / GNUTLS-SA-2009-4, a vulnerability related
-    to NUL bytes in X.509 certificate name fields. Closes: #541439
-    + 26_CVE-2009-2730.patch.
-    + 27_fix_opengpp.diff - Previous patch broke openpgp auth.
-  * Finally add an entry to the NEWS.Debian file concerning the deprecation of
-    RSA-MD2 and RSA-MD5 for signature verification. Closes: #514578
-
- -- Andreas Metzler <ametzler at debian.org>  Sat, 22 Aug 2009 08:56:57 +0200
+gnutls26 (2.4.2-6+lenny2) stable-security; urgency=high
+
+  * Non-maintainer upload by the Security Team.
+  * Fixed CVE-2009-2730: a vulnerability related to NUL bytes in X.509
+    certificate name fields. (Closes: #541439) GNUTLS-SA-2009-4
+
+ -- Giuseppe Iuculano <iuculano at debian.org>  Sun, 01 Nov 2009 21:29:06 +0100
 
 gnutls26 (2.4.2-6+lenny1) stable-security; urgency=high
 

Modified: packages/gnutls26/branches/branch2.4.2-6lenny/debian/patches/26_CVE-2009-2730.diff
URL: http://svn.debian.org/wsvn/pkg-gnutls/packages/gnutls26/branches/branch2.4.2-6lenny/debian/patches/26_CVE-2009-2730.diff?rev=824&op=diff
==============================================================================
--- packages/gnutls26/branches/branch2.4.2-6lenny/debian/patches/26_CVE-2009-2730.diff (original)
+++ packages/gnutls26/branches/branch2.4.2-6lenny/debian/patches/26_CVE-2009-2730.diff Sat Jan  9 14:20:21 2010
@@ -12,13 +12,6 @@
 diff -Nur -x '*.orig' -x '*~' gnutls26-2.4.2/lib/gnutls_str.c gnutls26-2.4.2.new/lib/gnutls_str.c
 --- gnutls26-2.4.2/lib/gnutls_str.c	2008-09-15 15:04:19.000000000 -0500
 +++ gnutls26-2.4.2.new/lib/gnutls_str.c	2009-08-14 13:52:59.222006047 -0500
-@@ -1,5 +1,5 @@
- /*
-- * Copyright (C) 2002, 2004, 2005, 2007, 2008  Free Software Foundation
-+ * Copyright (C) 2002, 2004, 2005, 2007, 2008, 2009  Free Software Foundation
-  *
-  * Author: Nikos Mavrogiannopoulos
-  *
 @@ -331,16 +331,21 @@
  
  /* compare hostname against certificate, taking account of wildcards
@@ -94,13 +87,6 @@
 diff -Nur -x '*.orig' -x '*~' gnutls26-2.4.2/lib/x509/common.c gnutls26-2.4.2.new/lib/x509/common.c
 --- gnutls26-2.4.2/lib/x509/common.c	2008-09-15 15:04:19.000000000 -0500
 +++ gnutls26-2.4.2.new/lib/x509/common.c	2009-08-14 13:49:43.538006866 -0500
-@@ -1,5 +1,5 @@
- /*
-- * Copyright (C) 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation
-+ * Copyright (C) 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation
-  *
-  * Author: Nikos Mavrogiannopoulos
-  *
 @@ -241,6 +241,10 @@
      {
        str[len] = 0;

More information about the Pkg-gnutls-commits mailing list