gnutls28 3.5.18-1ubuntu1.1 source package in Ubuntu
Changelog
gnutls28 (3.5.18-1ubuntu1.1) bionic-security; urgency=medium * SECURITY UPDATE: Lucky-13 issues - debian/patches/CVE-2018-1084x-1.patch: correctly account the length field in SHA384 HMAC in lib/algorithms/mac.c, lib/cipher.c. - debian/patches/CVE-2018-1084x-2.patch: always hash the same amount of blocks that would have been on minimum pad in lib/cipher.c. - debian/patches/CVE-2018-1084x-3.patch: require minimum padding under SSL3.0 in lib/cipher.c. - debian/patches/CVE-2018-1084x-4.patch: hmac-sha384 and sha256 ciphersuites were removed from defaults in lib/priority.c, tests/dtls1-2-mtu-check.c, tests/priorities.c. - debian/patches/CVE-2018-1084x-5.patch: fix test for SHA512 in tests/pkcs12_encode.c. - CVE-2018-10844 - CVE-2018-10845 - CVE-2018-10846 * SECURITY UPDATE: double free in cert verification API - debian/patches/CVE-2019-3829-1.patch: automatically NULLify after gnutls_free() in lib/includes/gnutls/gnutls.h.in. - debian/patches/CVE-2019-3829-2.patch: fix some casts in lib/extensions.c. - debian/patches/CVE-2019-3829-3.patch: fix dereference of NULL pointer in lib/x509/x509.c. - CVE-2019-3829 -- Marc Deslauriers <email address hidden> Tue, 28 May 2019 13:18:12 -0400
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Bionic
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- libs
- Urgency:
- Medium Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
gnutls28_3.5.18.orig.tar.xz | 6.9 MiB | ae2248d9e78747cf9c469dde81ff8f90b56838b707a0637f3f7d4eee90e80234 |
gnutls28_3.5.18.orig.tar.xz.asc | 534 bytes | 50bb942469be0639bbab925de630fb921aa8cac5f40072cb1c2cf1fb7ae7977b |
gnutls28_3.5.18-1ubuntu1.1.debian.tar.xz | 70.1 KiB | 75c26de0d6ff4db9853d495d5e04146891018631d65adfbdbe4ed1d9ce9a63ff |
gnutls28_3.5.18-1ubuntu1.1.dsc | 3.4 KiB | 67a024bd669c6388d38f350a08179fc43eca7fcaeb2664bf546597244fcd09b3 |
Available diffs
Binary packages built by this source
- gnutls-bin: GNU TLS library - commandline utilities
GnuTLS is a portable library which implements the Transport Layer
Security (TLS 1.0, 1.1, 1.2) and Secure Sockets Layer (SSL) 3.0 and Datagram
Transport Layer Security (DTLS 1.0, 1.2) protocols.
.
GnuTLS features support for:
- TLS extensions: server name indication, max record size, opaque PRF
input, etc.
- authentication using the SRP protocol.
- authentication using both X.509 certificates and OpenPGP keys.
- TLS Pre-Shared-Keys (PSK) extension.
- Inner Application (TLS/IA) extension.
- X.509 and OpenPGP certificate handling.
- X.509 Proxy Certificates (RFC 3820).
- all the strong encryption algorithms (including SHA-256/384/512 and
Camellia (RFC 4132)).
.
This package contains a commandline interface to the GNU TLS library, which
can be used to set up secure connections from e.g. shell scripts, debugging
connection issues or managing certificates.
.
Useful utilities include:
- TLS termination: gnutls-cli, gnutls-serv
- key and certificate management: certtool, ocsptool, p11tool
- credential management: srptool, psktool
- gnutls-bin-dbgsym: debug symbols for gnutls-bin
- gnutls-doc: GNU TLS library - documentation and examples
GnuTLS is a portable library which implements the Transport Layer
Security (TLS 1.0, 1.1, 1.2) and Secure Sockets Layer (SSL) 3.0 and Datagram
Transport Layer Security (DTLS 1.0, 1.2) protocols.
.
GnuTLS features support for:
- TLS extensions: server name indication, max record size, opaque PRF
input, etc.
- authentication using the SRP protocol.
- authentication using both X.509 certificates and OpenPGP keys.
- TLS Pre-Shared-Keys (PSK) extension.
- Inner Application (TLS/IA) extension.
- X.509 and OpenPGP certificate handling.
- X.509 Proxy Certificates (RFC 3820).
- all the strong encryption algorithms (including SHA-256/384/512 and
Camellia (RFC 4132)).
.
This package contains all the GnuTLS documentation.
- libgnutls-dane0: GNU TLS library - DANE security support
Security (TLS 1.0, 1.1, 1.2) and Secure Sockets Layer (SSL) 3.0 and Datagram
Transport Layer Security (DTLS 1.0, 1.2) protocols.
.
GnuTLS features support for:
- TLS extensions: server name indication, max record size, opaque PRF
input, etc.
- authentication using the SRP protocol.
- authentication using both X.509 certificates and OpenPGP keys.
- TLS Pre-Shared-Keys (PSK) extension.
- Inner Application (TLS/IA) extension.
- X.509 and OpenPGP certificate handling.
- X.509 Proxy Certificates (RFC 3820).
- all the strong encryption algorithms (including SHA-256/384/512 and
Camellia (RFC 4132)).
.
This package contains the runtime library for DANE (DNS-based Authentication
of Named Entities) support.
- libgnutls-dane0-dbgsym: debug symbols for libgnutls-dane0
- libgnutls-openssl27: GNU TLS library - OpenSSL wrapper
GnuTLS is a portable library which implements the Transport Layer
Security (TLS 1.0, 1.1, 1.2) and Secure Sockets Layer (SSL) 3.0 and Datagram
Transport Layer Security (DTLS 1.0, 1.2) protocols.
.
GnuTLS features support for:
- TLS extensions: server name indication, max record size, opaque PRF
input, etc.
- authentication using the SRP protocol.
- authentication using both X.509 certificates and OpenPGP keys.
- TLS Pre-Shared-Keys (PSK) extension.
- Inner Application (TLS/IA) extension.
- X.509 and OpenPGP certificate handling.
- X.509 Proxy Certificates (RFC 3820).
- all the strong encryption algorithms (including SHA-256/384/512 and
Camellia (RFC 4132)).
.
This package contains the runtime library of the GnuTLS OpenSSL wrapper.
- libgnutls-openssl27-dbgsym: debug symbols for libgnutls-openssl27
- libgnutls28-dev: GNU TLS library - development files
GnuTLS is a portable library which implements the Transport Layer
Security (TLS 1.0, 1.1, 1.2) and Secure Sockets Layer (SSL) 3.0 and Datagram
Transport Layer Security (DTLS 1.0, 1.2) protocols.
.
GnuTLS features support for:
- TLS extensions: server name indication, max record size, opaque PRF
input, etc.
- authentication using the SRP protocol.
- authentication using both X.509 certificates and OpenPGP keys.
- TLS Pre-Shared-Keys (PSK) extension.
- Inner Application (TLS/IA) extension.
- X.509 and OpenPGP certificate handling.
- X.509 Proxy Certificates (RFC 3820).
- all the strong encryption algorithms (including SHA-256/384/512 and
Camellia (RFC 4132)).
.
This package contains the GnuTLS development files.
- libgnutls30: GNU TLS library - main runtime library
GnuTLS is a portable library which implements the Transport Layer
Security (TLS 1.0, 1.1, 1.2) and Secure Sockets Layer (SSL) 3.0 and Datagram
Transport Layer Security (DTLS 1.0, 1.2) protocols.
.
GnuTLS features support for:
- TLS extensions: server name indication, max record size, opaque PRF
input, etc.
- authentication using the SRP protocol.
- authentication using both X.509 certificates and OpenPGP keys.
- TLS Pre-Shared-Keys (PSK) extension.
- Inner Application (TLS/IA) extension.
- X.509 and OpenPGP certificate handling.
- X.509 Proxy Certificates (RFC 3820).
- all the strong encryption algorithms (including SHA-256/384/512 and
Camellia (RFC 4132)).
.
This package contains the main runtime library.
- libgnutls30-dbgsym: debug symbols for libgnutls30
- libgnutlsxx28: GNU TLS library - C++ runtime library
GnuTLS is a portable library which implements the Transport Layer
Security (TLS 1.0, 1.1, 1.2) and Secure Sockets Layer (SSL) 3.0 and Datagram
Transport Layer Security (DTLS 1.0, 1.2) protocols.
.
GnuTLS features support for:
- TLS extensions: server name indication, max record size, opaque PRF
input, etc.
- authentication using the SRP protocol.
- authentication using both X.509 certificates and OpenPGP keys.
- TLS Pre-Shared-Keys (PSK) extension.
- Inner Application (TLS/IA) extension.
- X.509 and OpenPGP certificate handling.
- X.509 Proxy Certificates (RFC 3820).
- all the strong encryption algorithms (including SHA-256/384/512 and
Camellia (RFC 4132)).
.
This package contains the C++ runtime libraries.
- libgnutlsxx28-dbgsym: debug symbols for libgnutlsxx28