[ubuntu/yakkety-updates] gnutls28 3.5.3-5ubuntu1.2 (Accepted)

Ubuntu Archive Robot Tue, 13 Jun 2017 10:59:11 -0700

gnutls28 (3.5.3-5ubuntu1.2) yakkety-security; urgency=medium

  * SECURITY UPDATE: null pointer dereference via status response TLS
    extension decoding
    - debian/patches/CVE-2017-7507-1.patch: ensure response IDs are
      properly deinitialized in lib/ext/status_request.c.
    - debian/patches/CVE-2017-7507-2.patch: remove parsing of responder IDs
      from client extension in lib/ext/status_request.c.
    - debian/patches/CVE-2017-7507-3.patch: documented requirements for
      parameters in lib/ext/status_request.c.
    - CVE-2017-7507
  * SECURITY UPDATE: DoS and possible code execution via OpenPGP
    certificate decoding
    - debian/patches/CVE-2017-7869.patch: enforce packet limits in
      lib/opencdk/read-packet.c.
    - CVE-2017-7869


Date: 2017-06-12 14:39:15.411129+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
Signed-By: Ubuntu Archive Robot 
<cjwatson+ubuntu-archive-ro...@chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/gnutls28/3.5.3-5ubuntu1.2

Sorry, changesfile not available.

-- 
Yakkety-changes mailing list
Yakkety-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/yakkety-changes

[ubuntu/yakkety-updates] gnutls28 3.5.3-5ubuntu1.2 (Accepted)

Reply via email to