[ubuntu/artful-proposed] mbedtls 2.5.1-1ubuntu1 (Accepted)
James Cowgill
jcowgill at debian.org
Thu Sep 7 02:14:14 UTC 2017
mbedtls (2.5.1-1ubuntu1) artful; urgency=medium

  * SECURITY UPDATE: If optional authentication is configured, allows
    remote attackers to bypass peer authentication via an X.509 certificate
    chain with many intermediates. (LP: #1714640)
    - debian/patches/CVE-2017-14032.patch, backport two upstream patches to
      return and handle a new "fatal error" error code in case of long
      certificate chains.
    - CVE-2017-14032

Date: Wed, 06 Sep 2017 21:11:46 -0500
Changed-By: James Cowgill <jcowgill at debian.org>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Simon Quigley <tsimonq2 at ubuntu.com>
https://launchpad.net/ubuntu/+source/mbedtls/2.5.1-1ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Wed, 06 Sep 2017 21:11:46 -0500
Source: mbedtls
Binary: libmbedtls-dev libmbedcrypto0 libmbedtls10 libmbedx509-0 libmbedtls-doc
Architecture: source
Version: 2.5.1-1ubuntu1
Distribution: artful
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: James Cowgill <jcowgill at debian.org>
Description:
libmbedcrypto0 - lightweight crypto and SSL/TLS library - crypto library
libmbedtls-dev - lightweight crypto and SSL/TLS library - development files
libmbedtls-doc - lightweight crypto and SSL/TLS library - documentation
libmbedtls10 - lightweight crypto and SSL/TLS library - tls library
libmbedx509-0 - lightweight crypto and SSL/TLS library - x509 certificate library
Launchpad-Bugs-Fixed: 1714640
Changes:
mbedtls (2.5.1-1ubuntu1) artful; urgency=medium
.
  * SECURITY UPDATE: If optional authentication is configured, allows
    remote attackers to bypass peer authentication via an X.509 certificate
    chain with many intermediates. (LP: #1714640)
    - debian/patches/CVE-2017-14032.patch, backport two upstream patches to
      return and handle a new "fatal error" error code in case of long
      certificate chains.
    - CVE-2017-14032
Checksums-Sha1:
51680e1293aef6bbd01f2cc13e27a74b9dbeef0c 2266 mbedtls_2.5.1-1ubuntu1.dsc
e3e2b60b6ef9da28ca7cbce3a46f977553258737 15304 mbedtls_2.5.1-1ubuntu1.debian.tar.xz
33e27128a97c6099e0ce96ba54f374a6f1d63bbd 7513 mbedtls_2.5.1-1ubuntu1_source.buildinfo
Checksums-Sha256:
a6e8ccee87f5a68991b5b2fa9877ae0798f7b4bd7ca774c56f29dfd8561cb00e 2266 mbedtls_2.5.1-1ubuntu1.dsc
a7e6a931bf93081e9026082b05ff862e511647648b29b022d413133fe0aed9ce 15304 mbedtls_2.5.1-1ubuntu1.debian.tar.xz
a6e650859ec1ad8ed199c5d31efacfff2ac52d3f234da21e389d66b94aa7bcbb 7513 mbedtls_2.5.1-1ubuntu1_source.buildinfo
Files:
50cbb48e76b7d4813c9eb6313ea31b9a 2266 libs optional mbedtls_2.5.1-1ubuntu1.dsc
57fecad333e392624234dcb8c1ce3949 15304 libs optional mbedtls_2.5.1-1ubuntu1.debian.tar.xz
8e052c2c9911aaeb3bbbbdd3006f3330 7513 libs optional mbedtls_2.5.1-1ubuntu1_source.buildinfo
Original-Maintainer: James Cowgill <jcowgill at debian.org>
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----