[BSA-093] Security Update for gnutls28

To: debian-backports-announce@lists.debian.org
Subject: [BSA-093] Security Update for gnutls28
From: Andreas Metzler <ametzler@debian.org>
Date: Sat, 22 Feb 2014 15:11:49 +0100
Message-id: <[🔎] 20140222141149.GA3219@downhill.g.la>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Andreas Metzler  uploaded new packages for gnutls28 which fixed the
following security problems:

CVE-2014-1959 / DSA 2866-1 / GNUTLS-SA-2014-1
  Suman Jana reported that GnuTLS, deviating from the documented
  behavior considers a version 1 intermediate certificate as a CA
  certificate by default.

For the testing distribution (jessie) and the unstable distribution
(sid), this problem has been fixed in gnutls26/2.12.23-12 and
gnutls28/3.2.11-1.

For the stable distribution this problem has been fixed in
gnutls26/2.12.20-8. 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBCgAGBQJTCLAZAAoJEKVPAYVDghSE3KIP/ixlMQKA9H/v4FqWB2QOQIeY
QT67kgjrG/UKgEBk3pivvfWU8bSRA8SQ4AJXnKSMrkq6GkAEOBCFV8pVdHZV2pVZ
zUJ25vt4LX9cJHnOmMDSyC5Rrc/MH6/NnJWxIcZryc+XNOrzP0P00WqJ6fRfkZ/M
X7ktaICuNH5FqZ+P5ROdUrx+P8VX2y65vTTMrOTVPDYnn+hQBXXlQBK/7bUj0fkj
xsEP3XBLVqGrfJWzAxMCiOTMFgPzlc1MaQT2tCfIgHsWdATUYgKX8R5Nt+a2PrYo
S8IFrfpuXj9Kgamwj2ODs+lp7vDG2ftVTrTkaT4Mb7Xi0WdsTrMnTxRrBLNDYPFh
AsS+eqc1hYD8rBHIIrbEkPO+a4yaZkWrmufKS1oMq5MPprmJPisgfKBhgX5iRzmh
WcVIuKbIq8N9fIyNGn2lrfDWO10AyXpSyjHSpkt66K/p0DV/eIII87FftO537XKm
F293feMOnsj0KGpFtWhIhYnT6CYC8vOsb+xv0NvYTMYLOOUjf7CVMyCubyPbq5e6
Qodi4aSO2RaBKTnVfRD0Ci5lpPuuTNlFFj1761wmRrcNq/g7c1S2I5rj2K0p5y+Y
+ARGHtBEKjPiH4V9K3KRtmQAJg38gt1tdBYLGmDJTJKAHB7l0LqJB9YbRcurneEh
6OUWuHFpvYl6bNmjJ9/a
=ZiPO
-----END PGP SIGNATURE-----

Reply to:

Index(es):
- Date
- Thread