[Pkg-gnutls-commits] r691 - in /packages/gnutls13/branches/1.4.etch/debian: changelog patches/22_X509v1_enable.patch
ametzler at users.alioth.debian.org
ametzler at users.alioth.debian.org
Sat Mar 14 15:05:25 UTC 2009
Author: ametzler
Date: Sat Mar 14 15:05:25 2009
New Revision: 691
URL: http://svn.debian.org/wsvn/pkg-gnutls/?sc=1&rev=691
Log:
Import 1.4.4-3+etch4 security update
Added:
packages/gnutls13/branches/1.4.etch/debian/patches/22_X509v1_enable.patch
Modified:
packages/gnutls13/branches/1.4.etch/debian/changelog
Modified: packages/gnutls13/branches/1.4.etch/debian/changelog
URL: http://svn.debian.org/wsvn/pkg-gnutls/packages/gnutls13/branches/1.4.etch/debian/changelog?rev=691&op=diff
==============================================================================
--- packages/gnutls13/branches/1.4.etch/debian/changelog (original)
+++ packages/gnutls13/branches/1.4.etch/debian/changelog Sat Mar 14 15:05:25 2009
@@ -1,8 +1,9 @@
-gnutls13 (1.4.4-3+etch4) UNRELEASED; urgency=low
-
- * NOT RELEASED YET
-
- -- Andreas Metzler <ametzler at debian.org> Sun, 01 Feb 2009 17:39:12 +0100
+gnutls13 (1.4.4-3+etch4) oldstable-security; urgency=high
+
+ * Add patch from Simon Josefsson to reenable X.509v1 support for root
+ CAs. Closes: #514807, #514735.
+
+ -- Florian Weimer <fw at deneb.enyo.de> Mon, 23 Feb 2009 21:45:41 +0100
gnutls13 (1.4.4-3+etch3) stable-security; urgency=low
Added: packages/gnutls13/branches/1.4.etch/debian/patches/22_X509v1_enable.patch
URL: http://svn.debian.org/wsvn/pkg-gnutls/packages/gnutls13/branches/1.4.etch/debian/patches/22_X509v1_enable.patch?rev=691&op=file
==============================================================================
--- packages/gnutls13/branches/1.4.etch/debian/patches/22_X509v1_enable.patch (added)
+++ packages/gnutls13/branches/1.4.etch/debian/patches/22_X509v1_enable.patch Sat Mar 14 15:05:25 2009
@@ -1,0 +1,20 @@
+From: Simon Josefsson <simon at josefsson.org>
+Subject: Bug#514807: Regression in libgnutls security update
+To: Florian Weimer <fw at deneb.enyo.de>
+CC: 514807 at bugs.debian.org, Edward Allcutt <emallcut at gleim.com>,
+ team at security.debian.org
+Date: Thu, 12 Feb 2009 11:40:28 +0100
+Reply-To: Simon Josefsson <simon at josefsson.org>, 514807 at bugs.debian.org
+
+diff --git a/lib/gnutls_cert.c b/lib/gnutls_cert.c
+index 7872f20..fe7ad22 100644
+--- a/lib/gnutls_cert.c
++++ b/lib/gnutls_cert.c
+@@ -280,6 +280,7 @@ gnutls_certificate_allocate_credentials (gnutls_certificate_credentials_t *
+
+ (*res)->verify_bits = DEFAULT_VERIFY_BITS;
+ (*res)->verify_depth = DEFAULT_VERIFY_DEPTH;
++ (*res)->verify_flags = GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT;
+
+ return 0;
+ }
More information about the Pkg-gnutls-commits
mailing list