[ubuntu/zesty-proposed] gnutls28 3.5.6-4ubuntu3 (Accepted)
Marc Deslauriers
marc.deslauriers at ubuntu.com
Wed Feb 1 20:00:21 UTC 2017
gnutls28 (3.5.6-4ubuntu3) zesty; urgency=medium
* SECURITY UPDATE: double-free when reading proxy language
- debian/patches/CVE-2017-5334.patch: fix double-free in
lib/x509/x509_ext.c.
- CVE-2017-5334
* SECURITY UPDATE: out of memory error in stream reading functions
- debian/patches/CVE-2017-5335.patch: add error checking to
lib/opencdk/read-packet.c.
- CVE-2017-5335
* SECURITY UPDATE: stack overflow in cdk_pk_get_keyid
- debian/patches/CVE-2017-5336.patch: check return code in
lib/opencdk/pubkey.c.
- CVE-2017-5336
* SECURITY UPDATE: heap read overflow when reading streams
- debian/patches/CVE-2017-5337.patch: add more precise checks to
lib/opencdk/read-packet.c.
- CVE-2017-5337
Date: Wed, 01 Feb 2017 14:21:40 -0500
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/gnutls28/3.5.6-4ubuntu3
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Wed, 01 Feb 2017 14:21:40 -0500
Source: gnutls28
Binary: libgnutls28-dev libgnutls30 gnutls-bin gnutls-doc libgnutlsxx28 libgnutls-openssl27
Architecture: source
Version: 3.5.6-4ubuntu3
Distribution: zesty
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
gnutls-bin - GNU TLS library - commandline utilities
gnutls-doc - GNU TLS library - documentation and examples
libgnutls-openssl27 - GNU TLS library - OpenSSL wrapper
libgnutls28-dev - GNU TLS library - development files
libgnutls30 - GNU TLS library - main runtime library
libgnutlsxx28 - GNU TLS library - C++ runtime library
Changes:
gnutls28 (3.5.6-4ubuntu3) zesty; urgency=medium
.
* SECURITY UPDATE: double-free when reading proxy language
- debian/patches/CVE-2017-5334.patch: fix double-free in
lib/x509/x509_ext.c.
- CVE-2017-5334
* SECURITY UPDATE: out of memory error in stream reading functions
- debian/patches/CVE-2017-5335.patch: add error checking to
lib/opencdk/read-packet.c.
- CVE-2017-5335
* SECURITY UPDATE: stack overflow in cdk_pk_get_keyid
- debian/patches/CVE-2017-5336.patch: check return code in
lib/opencdk/pubkey.c.
- CVE-2017-5336
* SECURITY UPDATE: heap read overflow when reading streams
- debian/patches/CVE-2017-5337.patch: add more precise checks to
lib/opencdk/read-packet.c.
- CVE-2017-5337
Checksums-Sha1:
6c2b2c576b4cff07504ef8d74bc7f68e7df72675 3263 gnutls28_3.5.6-4ubuntu3.dsc
a297c293ba6092b5e0168277af4bfa05423cb10a 118676 gnutls28_3.5.6-4ubuntu3.debian.tar.xz
Checksums-Sha256:
52a77f1dd74d9d4d6e864c57e8ffd253fdaac983bca5f3e34e4b51576c412300 3263 gnutls28_3.5.6-4ubuntu3.dsc
b1278b3312da6e82baf1ae91e1fb06ea0dc0c679dbe9fad8ff068408dc5ab4ed 118676 gnutls28_3.5.6-4ubuntu3.debian.tar.xz
Files:
0805f176bda6b724cc1d15d7c187f6a5 3263 libs optional gnutls28_3.5.6-4ubuntu3.dsc
0998ccc6958268121788ddac199b3ffc 118676 libs optional gnutls28_3.5.6-4ubuntu3.debian.tar.xz
Original-Maintainer: Debian GnuTLS Maintainers <pkg-gnutls-maint at lists.alioth.debian.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCgAGBQJYkjw9AAoJEGVp2FWnRL6TzTAQAJxafXjAtQuf/xZc4v8roIP5
qHck+ys30d2f8wymv3OFCuppln+bXCcuPQ98szkMjaj8OTE1n0ZUAqyqHPBilhEp
0howGIrmkQiAzwfPUWHkOC4selwPw0Ibx/dyak8dQKnEF+UdHQpgrU19rA8JkGKv
fwwfttT/1YqFH5aEdbh4OpV36kd83FWkNeQKw9goeqiVEErgOrCt33VMg/J5h7Yb
0DXOF9ZcyqB2HHX6yF17D3npbrY0ApCBfMVQOPUJTJ702yagGLhDneUWu7jr1AIz
t++MWsL/oX8CcgYOpdNzmsZ9ktvgqOyzWk4fXZbzGb11MrpQhb7ruzub/cJHioLV
hHGa7kPBmf+hKtFhwx0XlFkU1wIOKdC27SRjkff3ZJwbfxLLDTZ8TwJooAKw8+Vj
6BQh8TWVaYt7k2URrlScZ6Sgp+Bgya2zuHf3s3tcqJQtycSs+6dJTEMtOXwsb/DN
trkPvV39nRRBU4vCoh+fV8GirwJk8lcfPzUQtp91yOFHL5DRVEqMXnxrS3Hz2B4G
NMJtR5RtJoi4tShlBmYARR+8i7AxbCgIvlAwnRzjecY3sWvgxt7vErTuB2mr49/O
jxOCWJWIPVuBPQaKxkSur+/J/NyGO5oAPZGgBJvWEbc9TiP2EMy51QBIWXZGhvFW
YwtlELuXorzdB8aoJqxW
=D+IX
-----END PGP SIGNATURE-----
More information about the Zesty-changes
mailing list