-
Committer:
Bazaar Package Importer
-
Author(s):
Jamie Strandboge
-
Date:
2008-11-25 03:52:47 UTC
-
Revision ID:
james.westby@ubuntu.com-20081125035247-1o4gcbhj9ax0uihr
Tags: 2.0.4-1ubuntu2.2
* SECURITY UPDATE: Fix for man-in-the-middle attack in certificate
validation
- debian/patches/91_CVE-2008-4989.diff: don't remove the last certificate
if it is self-signed in lib/x509/verify.c
- http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3215
- http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3248
- CVE-2008-4989