gnutls28 3.4.10-4ubuntu1.2 source package in Ubuntu
Changelog
gnutls28 (3.4.10-4ubuntu1.2) xenial-security; urgency=medium
* SECURITY UPDATE: OCSP validation issue
- debian/patches/CVE-2016-7444.patch: correctly verify the serial
length in lib/x509/ocsp.c.
- CVE-2016-7444
* SECURITY UPDATE: denial of service via warning alerts
- debian/patches/CVE-2016-8610.patch: set a maximum number of warning
messages in lib/gnutls_int.h, lib/gnutls_handshake.c,
lib/gnutls_state.c.
- CVE-2016-8610
* SECURITY UPDATE: double-free when reading proxy language
- debian/patches/CVE-2017-5334.patch: fix double-free in
lib/x509/x509_ext.c.
- CVE-2017-5334
* SECURITY UPDATE: out of memory error in stream reading functions
- debian/patches/CVE-2017-5335.patch: add error checking to
lib/opencdk/read-packet.c.
- CVE-2017-5335
* SECURITY UPDATE: stack overflow in cdk_pk_get_keyid
- debian/patches/CVE-2017-5336.patch: check return code in
lib/opencdk/pubkey.c.
- CVE-2017-5336
* SECURITY UPDATE: heap read overflow when reading streams
- debian/patches/CVE-2017-5337.patch: add more precise checks to
lib/opencdk/read-packet.c.
- CVE-2017-5337
* debian/patches/fix_expired_certs.patch: use datefudge to fix test with
expired certs.
-- Marc Deslauriers <email address hidden> Thu, 26 Jan 2017 10:14:03 -0500
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Xenial
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- libs
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| gnutls28_3.4.10.orig.tar.xz | 6.3 MiB | 6a32c2b4acbd33ff7eefcbd1357009da04c94c60146ef61320b6c076b1bdf59f |
| gnutls28_3.4.10-4ubuntu1.2.debian.tar.xz | 91.8 KiB | 30e61f7582a6d994cfd8549ba4e550e8bc33c2b10597099830c46f2ae0a0fc77 |
| gnutls28_3.4.10-4ubuntu1.2.dsc | 3.0 KiB | 78aa10c42a4705bc50022366ab062a2b6e6c34c33d4b894b8d1bf710a09d8a4f |
Available diffs
Binary packages built by this source
- gnutls-bin: GNU TLS library - commandline utilities
GnuTLS is a portable library which implements the Transport Layer
Security (TLS 1.0, 1.1, 1.2) and Secure Sockets Layer (SSL) 3.0 and Datagram
Transport Layer Security (DTLS 1.0, 1.2) protocols.
.
GnuTLS features support for:
- TLS extensions: server name indication, max record size, opaque PRF
input, etc.
- authentication using the SRP protocol.
- authentication using both X.509 certificates and OpenPGP keys.
- TLS Pre-Shared-Keys (PSK) extension.
- Inner Application (TLS/IA) extension.
- X.509 and OpenPGP certificate handling.
- X.509 Proxy Certificates (RFC 3820).
- all the strong encryption algorithms (including SHA-256/384/512 and
Camellia (RFC 4132)).
.
This package contains a commandline interface to the GNU TLS library, which
can be used to set up secure connections from e.g. shell scripts, debugging
connection issues or managing certificates.
.
Useful utilities include:
- TLS termination: gnutls-cli, gnutls-serv, crywrap
- key and certificate management: certtool, ocsptool, p11tool
- credential management: srptool, psktool
- gnutls-bin-dbgsym: debug symbols for package gnutls-bin
GnuTLS is a portable library which implements the Transport Layer
Security (TLS 1.0, 1.1, 1.2) and Secure Sockets Layer (SSL) 3.0 and Datagram
Transport Layer Security (DTLS 1.0, 1.2) protocols.
.
GnuTLS features support for:
- TLS extensions: server name indication, max record size, opaque PRF
input, etc.
- authentication using the SRP protocol.
- authentication using both X.509 certificates and OpenPGP keys.
- TLS Pre-Shared-Keys (PSK) extension.
- Inner Application (TLS/IA) extension.
- X.509 and OpenPGP certificate handling.
- X.509 Proxy Certificates (RFC 3820).
- all the strong encryption algorithms (including SHA-256/384/512 and
Camellia (RFC 4132)).
.
This package contains a commandline interface to the GNU TLS library, which
can be used to set up secure connections from e.g. shell scripts, debugging
connection issues or managing certificates.
.
Useful utilities include:
- TLS termination: gnutls-cli, gnutls-serv, crywrap
- key and certificate management: certtool, ocsptool, p11tool
- credential management: srptool, psktool
- gnutls-doc: GNU TLS library - documentation and examples
GnuTLS is a portable library which implements the Transport Layer
Security (TLS 1.0, 1.1, 1.2) and Secure Sockets Layer (SSL) 3.0 and Datagram
Transport Layer Security (DTLS 1.0, 1.2) protocols.
.
GnuTLS features support for:
- TLS extensions: server name indication, max record size, opaque PRF
input, etc.
- authentication using the SRP protocol.
- authentication using both X.509 certificates and OpenPGP keys.
- TLS Pre-Shared-Keys (PSK) extension.
- Inner Application (TLS/IA) extension.
- X.509 and OpenPGP certificate handling.
- X.509 Proxy Certificates (RFC 3820).
- all the strong encryption algorithms (including SHA-256/384/512 and
Camellia (RFC 4132)).
.
This package contains all the GnuTLS documentation.
- guile-gnutls: GNU TLS library - GNU Guile bindings
GnuTLS is a portable library which implements the Transport Layer
Security (TLS 1.0, 1.1, 1.2) and Secure Sockets Layer (SSL) 3.0 and Datagram
Transport Layer Security (DTLS 1.0, 1.2) protocols.
.
GnuTLS features support for:
- TLS extensions: server name indication, max record size, opaque PRF
input, etc.
- authentication using the SRP protocol.
- authentication using both X.509 certificates and OpenPGP keys.
- TLS Pre-Shared-Keys (PSK) extension.
- Inner Application (TLS/IA) extension.
- X.509 and OpenPGP certificate handling.
- X.509 Proxy Certificates (RFC 3820).
- all the strong encryption algorithms (including SHA-256/384/512 and
Camellia (RFC 4132)).
.
This package contains the GNU Guile 2.0 modules.
- guile-gnutls-dbgsym: debug symbols for package guile-gnutls
GnuTLS is a portable library which implements the Transport Layer
Security (TLS 1.0, 1.1, 1.2) and Secure Sockets Layer (SSL) 3.0 and Datagram
Transport Layer Security (DTLS 1.0, 1.2) protocols.
.
GnuTLS features support for:
- TLS extensions: server name indication, max record size, opaque PRF
input, etc.
- authentication using the SRP protocol.
- authentication using both X.509 certificates and OpenPGP keys.
- TLS Pre-Shared-Keys (PSK) extension.
- Inner Application (TLS/IA) extension.
- X.509 and OpenPGP certificate handling.
- X.509 Proxy Certificates (RFC 3820).
- all the strong encryption algorithms (including SHA-256/384/512 and
Camellia (RFC 4132)).
.
This package contains the GNU Guile 2.0 modules.
- libgnutls-dev: GNU TLS library - development files
GnuTLS is a portable library which implements the Transport Layer
Security (TLS 1.0, 1.1, 1.2) and Secure Sockets Layer (SSL) 3.0 and Datagram
Transport Layer Security (DTLS 1.0, 1.2) protocols.
.
GnuTLS features support for:
- TLS extensions: server name indication, max record size, opaque PRF
input, etc.
- authentication using the SRP protocol.
- authentication using both X.509 certificates and OpenPGP keys.
- TLS Pre-Shared-Keys (PSK) extension.
- Inner Application (TLS/IA) extension.
- X.509 and OpenPGP certificate handling.
- X.509 Proxy Certificates (RFC 3820).
- all the strong encryption algorithms (including SHA-256/384/512 and
Camellia (RFC 4132)).
.
This package contains the GnuTLS development files.
- libgnutls-openssl27: GNU TLS library - OpenSSL wrapper
GnuTLS is a portable library which implements the Transport Layer
Security (TLS 1.0, 1.1, 1.2) and Secure Sockets Layer (SSL) 3.0 and Datagram
Transport Layer Security (DTLS 1.0, 1.2) protocols.
.
GnuTLS features support for:
- TLS extensions: server name indication, max record size, opaque PRF
input, etc.
- authentication using the SRP protocol.
- authentication using both X.509 certificates and OpenPGP keys.
- TLS Pre-Shared-Keys (PSK) extension.
- Inner Application (TLS/IA) extension.
- X.509 and OpenPGP certificate handling.
- X.509 Proxy Certificates (RFC 3820).
- all the strong encryption algorithms (including SHA-256/384/512 and
Camellia (RFC 4132)).
.
This package contains the runtime library of the GnuTLS OpenSSL wrapper.
- libgnutls-openssl27-dbgsym: debug symbols for package libgnutls-openssl27
GnuTLS is a portable library which implements the Transport Layer
Security (TLS 1.0, 1.1, 1.2) and Secure Sockets Layer (SSL) 3.0 and Datagram
Transport Layer Security (DTLS 1.0, 1.2) protocols.
.
GnuTLS features support for:
- TLS extensions: server name indication, max record size, opaque PRF
input, etc.
- authentication using the SRP protocol.
- authentication using both X.509 certificates and OpenPGP keys.
- TLS Pre-Shared-Keys (PSK) extension.
- Inner Application (TLS/IA) extension.
- X.509 and OpenPGP certificate handling.
- X.509 Proxy Certificates (RFC 3820).
- all the strong encryption algorithms (including SHA-256/384/512 and
Camellia (RFC 4132)).
.
This package contains the runtime library of the GnuTLS OpenSSL wrapper.
- libgnutls28-dev: dummy transitional package for GNU TLS library - development files
This is a transitional dummy package for libgnutls28-dev to
libgnutls-dev migration. GnuTLS is a portable library which
implements the Transport Layer Security (TLS 1.0, 1.1, 1.2) and
Secure Sockets Layer (SSL) 3.0 and Datagram Transport Layer Security
(DTLS 1.0, 1.2) protocols.
.
This package can be safely removed.
- libgnutls30: GNU TLS library - main runtime library
GnuTLS is a portable library which implements the Transport Layer
Security (TLS 1.0, 1.1, 1.2) and Secure Sockets Layer (SSL) 3.0 and Datagram
Transport Layer Security (DTLS 1.0, 1.2) protocols.
.
GnuTLS features support for:
- TLS extensions: server name indication, max record size, opaque PRF
input, etc.
- authentication using the SRP protocol.
- authentication using both X.509 certificates and OpenPGP keys.
- TLS Pre-Shared-Keys (PSK) extension.
- Inner Application (TLS/IA) extension.
- X.509 and OpenPGP certificate handling.
- X.509 Proxy Certificates (RFC 3820).
- all the strong encryption algorithms (including SHA-256/384/512 and
Camellia (RFC 4132)).
.
This package contains the main runtime library.
- libgnutls30-dbgsym: debug symbols for package libgnutls30
GnuTLS is a portable library which implements the Transport Layer
Security (TLS 1.0, 1.1, 1.2) and Secure Sockets Layer (SSL) 3.0 and Datagram
Transport Layer Security (DTLS 1.0, 1.2) protocols.
.
GnuTLS features support for:
- TLS extensions: server name indication, max record size, opaque PRF
input, etc.
- authentication using the SRP protocol.
- authentication using both X.509 certificates and OpenPGP keys.
- TLS Pre-Shared-Keys (PSK) extension.
- Inner Application (TLS/IA) extension.
- X.509 and OpenPGP certificate handling.
- X.509 Proxy Certificates (RFC 3820).
- all the strong encryption algorithms (including SHA-256/384/512 and
Camellia (RFC 4132)).
.
This package contains the main runtime library.
- libgnutlsxx28: GNU TLS library - C++ runtime library
GnuTLS is a portable library which implements the Transport Layer
Security (TLS 1.0, 1.1, 1.2) and Secure Sockets Layer (SSL) 3.0 and Datagram
Transport Layer Security (DTLS 1.0, 1.2) protocols.
.
GnuTLS features support for:
- TLS extensions: server name indication, max record size, opaque PRF
input, etc.
- authentication using the SRP protocol.
- authentication using both X.509 certificates and OpenPGP keys.
- TLS Pre-Shared-Keys (PSK) extension.
- Inner Application (TLS/IA) extension.
- X.509 and OpenPGP certificate handling.
- X.509 Proxy Certificates (RFC 3820).
- all the strong encryption algorithms (including SHA-256/384/512 and
Camellia (RFC 4132)).
.
This package contains the C++ runtime libraries.
- libgnutlsxx28-dbgsym: debug symbols for package libgnutlsxx28
GnuTLS is a portable library which implements the Transport Layer
Security (TLS 1.0, 1.1, 1.2) and Secure Sockets Layer (SSL) 3.0 and Datagram
Transport Layer Security (DTLS 1.0, 1.2) protocols.
.
GnuTLS features support for:
- TLS extensions: server name indication, max record size, opaque PRF
input, etc.
- authentication using the SRP protocol.
- authentication using both X.509 certificates and OpenPGP keys.
- TLS Pre-Shared-Keys (PSK) extension.
- Inner Application (TLS/IA) extension.
- X.509 and OpenPGP certificate handling.
- X.509 Proxy Certificates (RFC 3820).
- all the strong encryption algorithms (including SHA-256/384/512 and
Camellia (RFC 4132)).
.
This package contains the C++ runtime libraries.
