-
Committer:
Bazaar Package Importer
-
Author(s):
Jamie Strandboge
-
Date:
2008-11-25 03:35:25 UTC
-
Revision ID:
james.westby@ubuntu.com-20081125033525-kott7g5dpndmn9t9
Tags: 2.4.1-1ubuntu0.1
* SECURITY UPDATE: Fix for man-in-the-middle attack in certificate
validation
- debian/patches/20_CVE-2008-4989.diff: don't remove the last certificate
if it is self-signed in lib/x509/verify.c
- http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3215
- http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3248
- CVE-2008-4989