-
Committer:
Bazaar Package Importer
-
Author(s):
Jamie Strandboge
-
Date:
2008-11-25 03:55:25 UTC
-
Revision ID:
james.westby@ubuntu.com-20081125035525-9mqgleav9wjmx70c
Tags: 1.6.3-1ubuntu0.2
* SECURITY UPDATE: Fix for man-in-the-middle attack in certificate
validation
- debian/patches/91_CVE-2008-4989.diff: don't remove the last certificate
if it is self-signed in lib/x509/verify.c
- http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3215
- http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3248
- CVE-2008-4989