[Bug 1929229] Re: Please merge gnutls28 3.7.1-4 (main) from Debian unstable
Brian Murray
1929229 at bugs.launchpad.net
Fri May 28 03:29:43 UTC 2021
I've gone ahead and uploaded this for impish but I made one modification
to the changelog entry. I dropped the line regarding "* Merge CVE fixes
CVE-2021-20231 CVE-2021-20232" because there isn't anything different
about the Ubuntu version of the package from Debian. We can see that
those CVE fixes were included in Debian.
gnutls28 (3.7.1-1) unstable; urgency=medium
* New upstream version
Fixes potential use-after-free in sending "key_share" and "pre_shared_key"
extensions. GNUTLS-SA-2021-03-10. CVE-2021-20231 CVE-2021-20232
* Upload to unstable.
-- Andreas Metzler <ametzler at debian.org> Wed, 10 Mar 2021 19:02:31
+0100
I'm not sure why a previous uploader added that line to their changelog
but it seems unnecessary.
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-20231
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-20232
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to gnutls28 in Ubuntu.
https://bugs.launchpad.net/bugs/1929229
Title:
Please merge gnutls28 3.7.1-4 (main) from Debian unstable
Status in gnutls28 package in Ubuntu:
Confirmed
Bug description:
This requires a merge because there are changes in the Ubuntu version
not present in the Debian version.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gnutls28/+bug/1929229/+subscriptions
More information about the foundations-bugs
mailing list