~ubuntu-branches/ubuntu/dapper/gnutls12/dapper-proposed

gnutls12 (1.2.9-2ubuntu1.3) dapper-security; urgency=low

  * SECURITY UPDATE: Fix for man-in-the-middle attack in certificate
    validation
    - debian/patches/91_CVE-2008-4989.diff: don't remove the last certificate
      if it is self-signed in lib/x509/verify.c
    - http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3215
    - http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3248
    - CVE-2008-4989

 -- Jamie Strandboge <jamie@ubuntu.com>  Tue, 25 Nov 2008 03:59:08 -0600

gnutls12 (1.2.9-2ubuntu1.2) dapper-security; urgency=low

  * SECURITY UPDATE: multiple remote denial of service.
  * debian/patches/90_GNUTLS-SA-2008-1.diff: upstream fixes, thanks to Debian.
  * References
    GNUTLS-SA-2008-1
    CVE-2008-1948, CVE-2008-1949, CVE-2008-1950

 -- Kees Cook <kees@ubuntu.com>  Tue, 20 May 2008 18:20:22 -0700

gnutls12 (1.2.9-2ubuntu1.1) dapper-security; urgency=low

  * SECURITY UPDATE: Signature forgery.
  * Add debian/patches/00CVS_CVE-2006-4790.patch:
    - Check excessive data in padding of PKCS #1 v1.5 signatures to prevent
      applications from incorrectly verifying the certificate. (Similar to
      recent OpenSSL update.)
    - Patch taken from upstream CVS:
      http://lists.gnupg.org/pipermail/gnutls-dev/2006-September/001212.html
    - CVE-2006-4790

 -- Martin Pitt <martin.pitt@ubuntu.com>  Mon, 18 Sep 2006 12:34:57 +0000

gnutls12 (1.2.9-2ubuntu1) dapper; urgency=low

  * debian/rules: Activate simple-patchsys.mk.
  * debian/control: Bump libtasn1-2-dev build dependency to >=
    0.2.17-1ubuntu1.
  * Add debian/patches/01_tasn_api_length.patch:
     - lib/x509/xml.c: Fix calls to libtasn1-2's internal _asn1_* API calls for
       new libtasn1-2 version; these calls now expect a buffer length argument to
       check for buffer overflows.
     - lib/minitasn1/: Changed internal _asn1_ function prototypes in header
       files according to recent change in libtasn1-2.

 -- Martin Pitt <martin.pitt@ubuntu.com>  Wed, 15 Feb 2006 16:16:41 +0100

gnutls12 (1.2.9-2) unstable; urgency=low

  * Install /usr/lib/pkgconfig/*.pc files.
  * Depend on texinfo (>= 4.8, for the @euro{} sign).

 -- Matthias Urlichs <smurf@debian.org>  Tue, 15 Nov 2005 19:26:02 +0100

gnutls12 (1.2.9-1) unstable; urgency=low

  * New Upstream version.

 -- Matthias Urlichs <smurf@debian.org>  Fri, 11 Nov 2005 18:51:28 +0100

gnutls12 (1.2.8-1) unstable; urgency=low

  * New Upstream version.
    - depends on libgcrypt11 1.2.2
  * Bumped shlibs version, just to be on the safe side.

 -- Matthias Urlichs <smurf@debian.org>  Wed, 19 Oct 2005 12:05:14 +0200

gnutls12 (1.2.6-1) unstable; urgency=low

  * New Upstream version.
  * Remove Provides: on libgnutls11-dev.
    Hopefully this will be temporary (pending discussion with Upstream).

 -- Matthias Urlichs <smurf@debian.org>  Thu, 11 Aug 2005 12:21:36 +0200

gnutls12 (1.2.5-3) unstable; urgency=high

  * Updated libgnutls12.shlibs file.
    Thanks to Mike Paul <w5ydkaz02@sneakemail.com>.
    Closes: #319291: libgnutls12: Wrong soversion in shlibs file; breaks
                                  dependencies on this library

 -- Matthias Urlichs <smurf@debian.org>  Thu, 21 Jul 2005 13:19:25 +0200

gnutls12 (1.2.5-2) unstable; urgency=medium

  * Did not depend on libgnutls12 -- not picked up by dh_shlibdeps.
    Added an explicit dependency as a stopgap fix.

 -- Matthias Urlichs <smurf@debian.org>  Thu, 21 Jul 2005 08:27:22 +0200

gnutls12 (1.2.5-1) unstable; urgency=low

  * Merged with the latest stable release.
  * Renamed to gnutls12.
    - Changed the library version strings to GNUTLS_1_2.
    - Renamed the development package back to "libgnutls-dev".

 -- Matthias Urlichs <smurf@debian.org>  Tue,  5 Jul 2005 10:35:56 +0200

gnutls11 (1.0.19-1) experimental; urgency=low

  * Merged with the latest stable release.

 -- Matthias Urlichs <smurf@debian.org>  Sun, 26 Dec 2004 13:28:45 +0100

gnutls11 (1.0.16-13) unstable; urgency=high

  * Fixed an ASN.1 extraction error.
    Found by Pelle Johansson <morth@morth.org>.

 -- Matthias Urlichs <smurf@debian.org>  Mon, 29 Nov 2004 10:16:21 +0100

gnutls11 (1.0.16-12) unstable; urgency=high

  * Fixed a segfault in certtool. Closes: #278361.

 -- Matthias Urlichs <smurf@debian.org>  Thu, 11 Nov 2004 09:40:02 +0100

gnutls11 (1.0.16-11) unstable; urgency=medium

  * Merged binary (non-UF8) string printing code from Upstream.
  * Password code in certtool was somewhat broken.

 -- Matthias Urlichs <smurf@debian.org>  Sat,  6 Nov 2004 13:11:03 +0100

gnutls11 (1.0.16-10) unstable; urgency=high

  * Fixed one instance of uninitialized memory usage.

 -- Matthias Urlichs <smurf@debian.org>  Thu, 21 Oct 2004 06:07:53 +0200

gnutls11 (1.0.16-9) unstable; urgency=high

  * Pulled from Upstream CVS:
    - Fix two memory leaks.
    - Fix NULL dereference.

 -- Matthias Urlichs <smurf@debian.org>  Fri,  8 Oct 2004 10:43:20 +0200

gnutls11 (1.0.16-8) unstable; urgency=high

  * Pulled these changes from Upstream CVS:
    - Added default limits in the verification of certificate chains,
      to avoid denial of service attacks.
    - Added gnutls_certificate_set_verify_limits() to override them.
    - Added gnutls_certificate_verify_peers2().

 -- Matthias Urlichs <smurf@debian.org>  Sun, 12 Sep 2004 02:05:25 +0200

gnutls11 (1.0.16-7) unstable; urgency=low

  * Removed superfluous -lFOO entries from libgnutls{,-extra}-config output.
    Thanks to joeyh@debian.org for reporting this problem.

 -- Matthias Urlichs <smurf@debian.org>  Sat, 14 Aug 2004 11:22:51 +0200

gnutls11 (1.0.16-6) unstable; urgency=medium

  * Memory leak, found by Modestas Vainius <geromanas@mailas.com>.
    - Closes: #264420

 -- Matthias Urlichs <smurf@debian.org>  Sun,  8 Aug 2004 22:21:01 +0200

gnutls11 (1.0.16-5) unstable; urgency=low

  * Depend on current libtasn1-2 (>= 0.2.10).
    - Closes: #264198.
  * Fixed maintainer email to point to Debian address.

 -- Matthias Urlichs <smurf@debian.org>  Sat,  7 Aug 2004 19:44:38 +0200

gnutls11 (1.0.16-4) unstable; urgency=low

  * The OpenSSL compatibility library has been linked incorrectly
    (-ltasn1 was missing).
  * Need to build-depend on current opencdk8 and libtasn1-2 version.

 -- Matthias Urlichs <smurf@debian.org>  Sat,  7 Aug 2004 19:29:32 +0200

gnutls11 (1.0.16-3) unstable; urgency=high

  * Documentation no longer includes LaTeX-produced output
    (the source contains latex2html-specific features, which is non-free).
  * Urgency: High because of pending base freeze.

 -- Matthias Urlichs <smurf@debian.org>  Mon, 26 Jul 2004 11:18:20 +0200

gnutls11 (1.0.16-2) unstable; urgency=high

  * Actually *enable* debug symbols :-/
  * Urgency: High for speedy inclusion in d-i

 -- Matthias Urlichs <smurf@debian.org>  Fri, 23 Jul 2004 22:38:07 +0200

gnutls11 (1.0.16-1) experimental; urgency=low

  * Update to latest Upstream version.
  * now depends on libgcrypt11
  * Include debugging package
  * Use hevea, not latex2html.

 -- Matthias Urlichs <smurf@debian.org>  Wed, 21 Jul 2004 16:58:26 +0200

gnutls10 (1.0.4-4) unstable; urgency=low

  * New maintainer.
  * Run autotools at source package build time.
    - Closes: #257237: FTBFS (i386/sid): aclocal failed
  * Remove "package is still changed upstream" warning.
  * Build-Depend on debhelper 4.1 (cdbs), versioned libgcrypt7.

 -- Matthias Urlichs <smurf@debian.org>  Fri, 16 Jul 2004 02:09:36 +0200

gnutls10 (1.0.4-3) unstable; urgency=low

  * control: Changed the build dependency and the dependency of
    libgnutls10-dev to be versioned on libopencdk8-dev >= 0.5.3;
    libopencdk8-dev 0.5.1 had an invalid dependency on libgcrypt-dev which
    could cause linking against two versions of libgcrypt.

 -- Ivo Timmermans <ivo@debian.org>  Sat, 24 Jan 2004 15:32:22 +0100

gnutls10 (1.0.4-2) unstable; urgency=low

  * libgnutls-doc.doc-base: Removed HTML manual listing.
  * control: Removed Jordi Mallach from the list of Uploaders.  Thanks,
    Jordi :)

 -- Ivo Timmermans <ivo@debian.org>  Wed, 14 Jan 2004 13:35:42 +0100

gnutls10 (1.0.4-1) unstable; urgency=low

  * New upstream release  (Closes: #227527)
      * The new documentation in libgnutls-doc fixes several typo's and
        style glitches:  
        Closes: #215772: inconsistent auth method list in manual
        Closes: #215775: dangling footnote on page 14 of manual
        Closes: #215777: bad sentence on page 18 of manual
        Closes: #215780: incorrect info about ldaps/imaps in manual
  * rules:
      * Use --add-missing instead of --force in the call to automake.
      * Don't build gnutls.ps, use the upstream version.
        (Closes: #224846)
  * gnutls-bin.manpages: Use glob to find manpages.
  * patches/008_manpages.diff: Removed; included upstream.

 -- Ivo Timmermans <ivo@debian.org>  Tue, 13 Jan 2004 23:57:16 +0100

gnutls10 (1.0.0-1) unstable; urgency=low

  * New upstream release.
  * Major soversion changed to 10.
  * control: Changed build dependencies of libtasn1-dev.
  * libgnutls10.shlibs: Added libgnutls-openssl to the list.

 -- Ivo Timmermans <ivo@debian.org>  Mon, 29 Dec 2003 23:23:08 +0100

gnutls8 (0.9.99-1) experimental; urgency=low

  * New upstream release.
  * Included upstream GPG signature in .orig.tar.gz.

 -- Ivo Timmermans <ivo@debian.org>  Wed,  3 Dec 2003 22:33:52 +0100

gnutls8 (0.9.98-1) experimental; urgency=low

  * New upstream release.
  * debian/control: libgnutls8-dev depends on libopencdk8-dev.
  * debian/libgnutls-doc.examples: Install src/*.[ch].

 -- Ivo Timmermans <ivo@debian.org>  Sun, 23 Nov 2003 15:44:38 +0100

gnutls8 (0.9.95-1) experimental; urgency=low

  * New upstream version.

 -- Ivo Timmermans <ivo@debian.org>  Fri,  7 Nov 2003 19:50:22 +0100

gnutls8 (0.9.94-1) experimental; urgency=low

  * New upstream version; package based on gnutls7 0.8.12-2.
  * debian/control:
      * Build-depend on libgcrypt7-dev (>= 1.1.44-0).
  * debian/rules: Run auto* after the patches have been applied.

 -- Ivo Timmermans <ivo@debian.org>  Fri, 31 Oct 2003 18:47:09 +0100