* Merge from Debian unstable. Remaining changes:
- debian/patches/disable_global_init_override_test.patch: disable
failing test.
- debian/patches/add-openssl-test-link.patch: add link for libssl
* Build with --with-included-unistring for now as our libunistring is
too old and needs a transition.
gnutls28 (3.5.17-1) unstable; urgency=low
* New upstream version.
+ When verifying against a self signed certificate ignore issuer. That
is, ignore issuer when checking the issuer's parameters strength,
resolving issue #347 which caused self signed certificates to be
additionally marked as of insufficient security level.
Closes: #885127
gnutls28 (3.5.16-1) unstable; urgency=medium
* New upstream version.
+ Fixes interoperability issue with openssl when safe renegotiation was
used. Closes: #873055
* 35_modernize_gtkdoc.diff from upstream GIT master: Modernize gtk-doc
support. Update gtk-doc.make, m4/gtk-doc.m4 and doc/reference/Makefile.am
from gtk-doc git head (that is 1.26 +
c08cc78562c59082fc83b55b58747177510b7a70). Disable gtkdoc-check.
Closes: #876587
gnutls28 (3.5.15-2) unstable; urgency=medium
* Upload to unstable.
gnutls28 (3.5.15-1) experimental; urgency=medium
* New upstream version. Drop unneeded patches.
(31_arm64ilp32-unaccelerated.patch
35_record-added-sanity-checking-in-the-record-layer-ver.patch
36_parse_pem_cert_mem-fixed-issue-resulting-to-accessin.patch)
gnutls28 (3.5.14-3) unstable; urgency=low
* 35_record-added-sanity-checking-in-the-record-layer-ver.patch from
upstream gnutls_3_5_x branch: Prevent crash on calling gnutls_bye() on an
already terminated or deinitialized session. Closes: #867303
* 36_parse_pem_cert_mem-fixed-issue-resulting-to-accessin.patch from
upstream gnutls_3_5_x branch: parse_pem_cert_mem: fixed issue resulting
to accessing past the input data.
* 31_arm64ilp32-unaccelerated.patch by Wookey: Disable assembly
code on arm64ilp32 to fix FTBFS. Closes: #872454
* Use /usr/share/dpkg/pkg-info.mk instead of dpkg-parsechangelog, except for
the compatibility code for setting SOURCE_DATE_EPOCH with dpkg << 1.18.8.
* Standards-Version 4.0.1, update priorities (extra->optional).
gnutls28 (3.5.14-2) unstable; urgency=medium
* Upload to unstable.
gnutls28 (3.5.14-1) experimental; urgency=low
[ Dan Nicholson ]
* Build with --disable-rpath. Closes: #865674
[ Andreas Metzler ]
* New upstream version.
* Build against external libunistring.
gnutls28 (3.5.13-2) unstable; urgency=medium
* Upload to unstable, merge changelogs.
gnutls28 (3.5.13-1) experimental; urgency=low
* New upstream version.
+ Drop 35_test-corrected-typo-preventing-the-run-of-openpgp-te.patch.
+ Fixes GNUTLS-SA-2017-4/CVE-2017-7507 - Crash due to a null pointer
dereference. #864560
gnutls28 (3.5.12-2) experimental; urgency=medium
* 35_test-corrected-typo-preventing-the-run-of-openpgp-te.patch: Correct
typo preventing the run of openpgp test.
* Stop disabling heartbeat support. Closes: #861193
gnutls28 (3.5.12-1) experimental; urgency=medium
* New upstream version.
* Bump dep info on gnutls_session_ext_register.
gnutls28 (3.5.11-1) experimental; urgency=medium
* New upstream version.
* gnutls.pc: do not include libtool options into Libs.private.
Closes: #857943
* gnutls.pc does not refer to e.g. zlib in *both* Requires.private and
Libs.private. (LP: #1660915)
* OpenSSL wrapper: SSLv23_*_method translates to NORMAL GnuTLS priority,
which includes TLS1.2 support. Closes: #857436
* Add b-d on ca-certificates, needed for trust-store check.
gnutls28 (3.5.10-1) experimental; urgency=medium
* New upstream version.
+ gnutls.pc: do not include libidn2 in Requires.private. Closes: #855888
+ Includes fixes for GNUTLS-SA-2017-3[ABC].
+ Bump info for gnutls_store_commitment, gnutls_ocsp_resp_verify_direct
and gnutls_ocsp_resp_verify which now accept (more) flags.
gnutls28 (3.5.9-1) experimental; urgency=medium
* New upstream version.
+ Drop debian/patches/35_0*.
+ Update symbol file, adding gnutls_idna_map and gnutls_idna_reverse_map.
* Build with IDNA 2008 support, b-d on libidn2-0-dev instead of
libidn11-dev.
-- Julian Andres Klode <email address hidden> Mon, 22 Jan 2018 13:24:04 +0100
This bug was fixed in the package gnutls28 - 3.5.17-1ubuntu1
---------------
gnutls28 (3.5.17-1ubuntu1) bionic; urgency=low
* Merge from Debian unstable. Remaining changes: patches/ disable_ global_ init_override_ test.patch: disable patches/ add-openssl- test-link. patch: add link for libssl included- unistring for now as our libunistring is
- debian/
failing test.
- debian/
* Build with --with-
too old and needs a transition.
gnutls28 (3.5.17-1) unstable; urgency=low
* New upstream version.
+ When verifying against a self signed certificate ignore issuer. That
is, ignore issuer when checking the issuer's parameters strength,
resolving issue #347 which caused self signed certificates to be
additionally marked as of insufficient security level.
Closes: #885127
gnutls28 (3.5.16-1) unstable; urgency=medium
* New upstream version. gtkdoc. diff from upstream GIT master: Modernize gtk-doc Makefile. am 59082fc83b55b58 747177510b7a70) . Disable gtkdoc-check.
+ Fixes interoperability issue with openssl when safe renegotiation was
used. Closes: #873055
* 35_modernize_
support. Update gtk-doc.make, m4/gtk-doc.m4 and doc/reference/
from gtk-doc git head (that is 1.26 +
c08cc78562c
Closes: #876587
gnutls28 (3.5.15-2) unstable; urgency=medium
* Upload to unstable.
gnutls28 (3.5.15-1) experimental; urgency=medium
* New upstream version. Drop unneeded patches. arm64ilp32- unaccelerated. patch record- added-sanity- checking- in-the- record- layer-ver. patch parse_pem_ cert_mem- fixed-issue- resulting- to-accessin. patch)
(31_
35_
36_
gnutls28 (3.5.14-3) unstable; urgency=low
* 35_record- added-sanity- checking- in-the- record- layer-ver. patch from pem_cert_ mem-fixed- issue-resulting -to-accessin. patch from unaccelerated. patch by Wookey: Disable assembly dpkg/pkg- info.mk instead of dpkg-parsechang elog, except for
upstream gnutls_3_5_x branch: Prevent crash on calling gnutls_bye() on an
already terminated or deinitialized session. Closes: #867303
* 36_parse_
upstream gnutls_3_5_x branch: parse_pem_cert_mem: fixed issue resulting
to accessing past the input data.
* 31_arm64ilp32-
code on arm64ilp32 to fix FTBFS. Closes: #872454
* Use /usr/share/
the compatibility code for setting SOURCE_DATE_EPOCH with dpkg << 1.18.8.
* Standards-Version 4.0.1, update priorities (extra->optional).
gnutls28 (3.5.14-2) unstable; urgency=medium
* Upload to unstable.
gnutls28 (3.5.14-1) experimental; urgency=low
[ Dan Nicholson ]
* Build with --disable-rpath. Closes: #865674
[ Andreas Metzler ]
* New upstream version.
* Build against external libunistring.
gnutls28 (3.5.13-2) unstable; urgency=medium
* Upload to unstable, merge changelogs.
gnutls28 (3.5.13-1) experimental; urgency=low
* New upstream version. corrected- typo-preventing -the-run- of-openpgp- te.patch. SA-2017- 4/CVE-2017- 7507 - Crash due to a null pointer
+ Drop 35_test-
+ Fixes GNUTLS-
dereference. #864560
gnutls28 (3.5.12-2) experimental; urgency=medium
* 35_test- corrected- typo-preventing -the-run- of-openpgp- te.patch: Correct
typo preventing the run of openpgp test.
* Stop disabling heartbeat support. Closes: #861193
gnutls28 (3.5.12-1) experimental; urgency=medium
* New upstream version. session_ ext_register.
* Bump dep info on gnutls_
gnutls28 (3.5.11-1) experimental; urgency=medium
* New upstream version.
* gnutls.pc: do not include libtool options into Libs.private.
Closes: #857943
* gnutls.pc does not refer to e.g. zlib in *both* Requires.private and
Libs.private. (LP: #1660915)
* OpenSSL wrapper: SSLv23_*_method translates to NORMAL GnuTLS priority,
which includes TLS1.2 support. Closes: #857436
* Add b-d on ca-certificates, needed for trust-store check.
gnutls28 (3.5.10-1) experimental; urgency=medium
* New upstream version. SA-2017- 3[ABC]. store_commitmen t, gnutls_ ocsp_resp_ verify_ direct ocsp_resp_ verify which now accept (more) flags.
+ gnutls.pc: do not include libidn2 in Requires.private. Closes: #855888
+ Includes fixes for GNUTLS-
+ Bump info for gnutls_
and gnutls_
gnutls28 (3.5.9-1) experimental; urgency=medium
* New upstream version. patches/ 35_0*. idna_reverse_ map.
+ Drop debian/
+ Update symbol file, adding gnutls_idna_map and gnutls_
* Build with IDNA 2008 support, b-d on libidn2-0-dev instead of
libidn11-dev.
-- Julian Andres Klode <email address hidden> Mon, 22 Jan 2018 13:24:04 +0100