-
Committer:
Bazaar Package Importer
-
Author(s):
Jamie Strandboge
-
Date:
2008-11-25 03:59:08 UTC
-
Revision ID:
james.westby@ubuntu.com-20081125035908-fnzak3f5ux34ohgz
Tags: 1.2.9-2ubuntu1.3
* SECURITY UPDATE: Fix for man-in-the-middle attack in certificate
validation
- debian/patches/91_CVE-2008-4989.diff: don't remove the last certificate
if it is self-signed in lib/x509/verify.c
- http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3215
- http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3248
- CVE-2008-4989