Please test gnutls13 update for etch
Andreas Metzler
ametzler at downhill.at.eu.org
Tue Nov 10 19:10:40 UTC 2009
On 2009-11-09 Giuseppe Iuculano <iuculano at debian.org> wrote:
> Hi,
> I've prepared updated packages for gnutls13 in etch fixing CVE-2009-2730 and
> CVE-2009-2409.
Thank you very nmuch.
> It would be helpful, if people could install these packages and check whether
> they notice any regressions.
The test for CVE-2009-2730
http://lists.gnu.org/archive/html/gnutls-devel/2009-08/msg00062.html
does not succed completely. After adding
http://git.savannah.gnu.org/cgit/gnutls.git/patch/?id=7b80620f99f4d43f5eda692eefc5c969bb4263c0
as suggested by Jamie Strandboge in
http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3790
both parts of the test succeeded. (I am not sure whether certtool
patch in Jamie's patch for 1.2.x is needed here, too.)
cu andreas
More information about the Pkg-gnutls-maint
mailing list