Package: gnutls26 / 2.8.6-1+squeeze6

Metadata

Package: gnutls26
Version: 2.8.6-1+squeeze6
Patches format: 3.0 (quilt)

Patch series

Patch File delta Description
14_version_gettextcat.diff | (download)

lib/po/Makevars | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

---
15_fixgnutlspc.diff | (download)

lib/gnutls.pc.in | 3 2 + 1 - 0 !
1 file changed, 2 insertions(+), 1 deletion(-)

---
16_unnecessarydep.diff | (download)

configure | 2 1 + 1 - 0 !
lib/configure | 2 1 + 1 - 0 !
libextra/configure | 2 1 + 1 - 0 !
3 files changed, 3 insertions(+), 3 deletions(-)

---
20_CVE 2011 4128.part1.diff | (download)

lib/gnutls_session.c | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 [patch] gnutls_session_get_data: fix possible buffer overflow

The test to avoid the buffer overflow was always false because
session_data_size was set at the wrong place. This problem has been introduced
by this commit:

|commit ad4ed44c65e753e6d3a00104c049dd81826ccbf3

20_CVE 2011 4128.part2.diff | (download)

lib/gnutls_session.c | 1 1 + 0 - 0 !
1 file changed, 1 insertion(+)

 [patch] bug fix in gnutls_session_get_data().


21_CVE 2012 1573 | (download)

lib/gnutls_cipher.c | 11 5 + 6 - 0 !
1 file changed, 5 insertions(+), 6 deletions(-)

---
22_gnutls 2.8.5 cve 2014 0092.patch | (download)

lib/x509/verify.c | 28 15 + 13 - 0 !
1 file changed, 15 insertions(+), 13 deletions(-)

 [patch] corrected return codes


23_CVE 2014 3466.diff | (download)

lib/gnutls_handshake.c | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 [patch] prevent memory corruption due to server hello parsing.

Issue discovered by Joonas Kuorilehto of Codenomicon.

24_CVE 2014 8155.diff | (download)

lib/includes/gnutls/x509.h | 6 5 + 1 - 0 !
lib/x509/verify.c | 82 62 + 20 - 0 !
2 files changed, 67 insertions(+), 21 deletions(-)

 fix cve-2014-8155: missing date/time checks on ca certificates
 Patch backported by Raphaël Hertzog.

25_CVE 2015 0294.diff | (download)

lib/x509/x509.c | 34 33 + 1 - 0 !
1 file changed, 33 insertions(+), 1 deletion(-)

 [patch] added fix for certificate algorithm consistency check


26_CVE 2015 0282.diff | (download)

lib/gnutls_algorithms.c | 8 8 + 0 - 0 !
lib/gnutls_algorithms.h | 1 1 + 0 - 0 !
lib/x509/privkey.c | 3 2 + 1 - 0 !
lib/x509/verify.c | 63 43 + 20 - 0 !
lib/x509/x509.c | 4 2 + 2 - 0 !
lib/x509/x509_int.h | 4 2 + 2 - 0 !
6 files changed, 58 insertions(+), 25 deletions(-)

 fix for cve-2015-0282: rsa pkcs#1 signature verification forgery

27_CVE 2015 8313.patch | (download)

lib/gnutls_cipher.c | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 fix off by one issue in padding check (cve-2015-8313)