Package: gnutls26 / 2.12.20-8+deb7u5
Metadata
Package | Version | Patches format |
---|---|---|
gnutls26 | 2.12.20-8+deb7u5 | 3.0 (quilt) |
Patch series
view the series filePatch | File delta | Description |
---|---|---|
14_version_gettextcat.diff | (download) |
lib/po/Makevars |
2 1 + 1 - 0 ! |
--- |
16_unnecessarydep.diff | (download) |
configure |
2 1 + 1 - 0 ! |
--- |
17_ignoretestsuitteerrors.diff | (download) |
tests/dsa/testdsa |
6 4 + 2 - 0 ! |
ignore two testsuite errors |
18_gpgerrorinpkgconfig.diff | (download) |
lib/gnutls.pc.in |
2 1 + 1 - 0 ! |
[pkg-config] add libgpg-error to gnutls' libs.private. |
20_tests select.diff | (download) |
gl/tests/Makefile.in |
2 1 + 1 - 0 ! |
disable gnulib test-select test This test fails on kfreebsd-i386. As the code this test is supposed to test has not changed and as select() is only used by the command-line utilities but not the library stop running the test. Bug-Debian: http://bugs.debian.org/648247 |
30_strlen_on_null.diff | (download) |
lib/x509/privkey_pkcs8.c |
13 11 + 2 - 0 ! |
prevent segfault on strlen(null) already fixed in GnuTLS 3 at 95a922c2a8b75e6eddbcc688c0d719d0b07ee395 Bug-Debian: http://bugs.debian.org/647747 |
31_allow_key_usage_violation.diff | (download) |
lib/gnutls_sig.c |
12 6 + 6 - 0 ! |
** libgnutls: Always tolerate key usage violation errors from the side of the peer, but also notify via an audit message. . Pulled from uptream GIT, combining http://gitorious.org/gnutls/gnutls/commit/afd6b636d1d9b079699afb0c3b20692edcf5b262 and http://gitorious.org/gnutls/gnutls/commit/dbc72ae47b16c6718cb5e53d4a31205bc45d3742 |
32_record padding parsing.patch | (download) |
lib/gnutls_cipher.c |
4 2 + 2 - 0 ! |
[patch 07/11] corrected bugs in record padding parsing. libgnutls: Fixed record padding parsing issue. Reported by Kenny Patterson and Nadhem Alfardan. http://gitorious.org/gnutls/gnutls/commit/7b65049a81ea02a92fef934318a680afd55e98d2 |
33_stricter_rsa_pkcs_1.5.diff | (download) |
lib/gcrypt/pk.c |
16 14 + 2 - 0 ! |
[patch 11/11] libgcrypt code updated with similar checks to nettle code This is the gcrypt counterpart to http://gitorious.org/gnutls/gnutls/commit/9709393ac263d7fbd9f790c884b7b8141c6f4b13 Stricter RSA PKCS #1 1.5 encoding and decoding. Reported by Kikuchi Masashi. http://lists.gnutls.org/pipermail/gnutls-devel/2012-December/006016.html |
34_pkcs11_memleak.diff | (download) |
lib/pkcs11.c |
3 2 + 1 - 0 ! |
[patch 1/6] free allocated module name. reported by sam varshavchik. This is the same fix from the 3.0 branch as: ce7caadb "free allocated module name. Reported by Sam Varshavchik." ** libgnutls: Eliminated memory leak in PCKS #11 initialization. Report and fix by Sam Varshavchik. |
35_TLS CBC_timing attack.diff | (download) |
lib/gnutls_cipher.c |
95 62 + 33 - 0 ! |
avoid a timing attack in tls cbc record parsing. http://www.gnutls.org/security.html#GNUTLS-SA-2013-1 http://www.isg.rhul.ac.uk/tls/ |
36_sanitycheck.diff | (download) |
lib/gnutls_cipher.c |
2 2 + 0 - 0 ! |
[patch 3/3] re-applied sanity check patch |
37_fix_rejection of v1 intermedi.diff | (download) |
lib/x509/verify.c |
4 3 + 1 - 0 ! |
fix rejection of v1 intermediate ca Fix bug that prevented the rejection of v1 intermediate CA certificates. Reported by Suman Jana. This is b1abfe3d182d68539900092eb42fc62cf1bb7e7c from upstream git, unfuzzed for 2.12.x by Andreas Metzler. |
38_CVE 2014 0092.diff | (download) |
lib/x509/verify.c |
16 10 + 6 - 0 ! |
[patch 1/3] corrected return codes |
39_Prevent memory corruption.diff | (download) |
lib/gnutls_handshake.c |
2 1 + 1 - 0 ! |
[patch] prevent memory corruption due to server hello parsing. Issue discovered by Joonas Kuorilehto of Codenomicon. |
40_CVE 2015 0294.diff | (download) |
lib/x509/x509.c |
34 33 + 1 - 0 ! |
[patch] added fix for certificate algorithm consistency check |
41_CVE 2015 0282.diff | (download) |
lib/gnutls_algorithms.c |
8 8 + 0 - 0 ! |
[patch] added fix for gnutls-sa-2015-1 |
42_CVE 2015 8313.diff | (download) |
lib/gnutls_cipher.c |
2 1 + 1 - 0 ! |
fix off by one issue in padding check (cve-2015-8313) |
43_CVE 2015 7575.diff | (download) |
lib/ext_signature.c |
17 1 + 16 - 0 ! |
[patch] _gnutls_session_sign_algo_enabled: do not consider any values from the extension data to decide acceptable algorithms |