gnutls26 lenny update
I have prepared an update of gnutls26 for lenny, incorporating
these changes:
- Finally add an entry to the NEWS.Debian file concerning the deprecation of
RSA-MD2 and RSA-MD5 for signature verification.
Closes: #514578
- CVE-2009-2730 fix breaks openpgp auth. 27_fix_openpgp.diff
- 28_GNUTLS-SA-2009-3.diff: Make gnutls check expiration times of X.509
certificates. Expired certificates are not marked as trusted anymore even
if they are signed by a trusted CA. CVE-2009-1417.
Closes: #528281
I would appreciate testing. Source and binaries for i386 and amd64 are
available here.
Posted by Andreas Metzler
|
Permanent link
| File under:
debian