Package: release.debian.org
Severity: normal
Tags: stretch
User: release.debian....@packages.debian.org
Usertags: pu
Hello,
I would like to make a last bugfix upload to stretch:
* Pull fixes for CVE-2019-3836 / [GNUTLS-SA-2019-03-27, #694].
+ 40_casts_related_to_fix_CVE-2019-3829.patch
+ 40_rel3.6.7_01-Automatically-NULLify-after-gnutls_free.patch
+ 40_rel3.6.7_01-fuzz-added-fuzzer-for-certificate-verification.patch
+ 41_use_datefudge_to_trigger_CVE-2019-3829_testcase.diff
* More important fixes:
+ 43_rel3.6.14_10-session_pack-fix-leak-in-error-path.patch
[One-line-fix for memleak]
+ 44_rel3.6.14_10-Update-session_ticket.c-to-add-support-for-zero-leng.patch
Handle zero length session tickets, fixing connection errors on TLS1.2
sessions to some big hosting providers. (See LP 1876286)
[Fixes connections to e.g. verizon popserver.]
TIA, cu Andreas
