Please consider gnutls26 2.4.2-6 for lenny
ametzler at downhill.at.eu.org
Wed Feb 11 18:42:26 UTC 2009
I have uploaded gnutls26 2.4.2-6 on saturday, the upload is targeted
for lenny. I know it is rather late, but the timing was not in my
| New patches, syncing with 2.4.3 upstream oldstable release:
| + 24_intermedcertificate.patch If a non-root certificate ist trusted
| gnutls certificateificate verification stops there instead of checking
| up to the root of the certificate chain.
This provides a workaround against the changed behavior with respect
to x509 v1 CA after the fix for CVE-2008-4989. People can make the
intermediate certificate trusted to work around the fact that GnuTLS
will not trust certs signed by the toplevel x509 v1 CA cert anymore
(unless GNUTLS_VERIFY_ALLOW_ANY_X509_V1_CA_CRT and/or
GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT are set).
| + 22_whitespace.patch - Whitespace only changes, to make it possible to
| apply upstream fixes without manual changes.
It is rather short, too.
| + 25_bufferoverrun.patch. Fix buffer overrun bug in
An earlier that I somehow overlooked and forgot to pull from upstream
thanks, cu andreas
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'
More information about the Pkg-gnutls-maint