[ubuntu/focal-security] gnutls28 3.6.13-2ubuntu1.12 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Thu Feb 20 17:56:50 UTC 2025
gnutls28 (3.6.13-2ubuntu1.12) focal-security; urgency=medium
* SECURITY UPDATE: resource consumption issue when decoding DER-encoded
certificate data
- debian/patches/CVE-2024-12243-pre1.patch: add _gnutls_reallocarray
and _gnutls_reallocarray_fast in lib/mem.*.
- debian/patches/CVE-2024-12243-pre2.patch: add INT_ADD_OK etc in
gl/intprops.h.
- debian/patches/CVE-2024-12243.patch: optimize name constraints
processing in lib/datum.c, lib/x509/name_constraints.c,
lib/x509/x509_ext.c, lib/x509/x509_ext_int.h, lib/x509/x509_int.h.
- CVE-2024-12243
Date: 2025-02-12 21:30:11.397314+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/gnutls28/3.6.13-2ubuntu1.12
-------------- next part --------------
Sorry, changesfile not available.
More information about the Focal-changes
mailing list