On 2019-05-20 Paul Gevers wrote:
> On 19-05-2019 10:33, Andreas Metzler wrote:
>> I probably could try to pick the CVE related changes and other important
>> bug-fixes, however I do not think it is the right choice. The changes
>> will be smaller but the risk of breakage is higher.
> Can you expl
Hi Andreas,
I am going to push back.
On 19-05-2019 10:33, Andreas Metzler wrote:
> I probably could try to pick the CVE related changes and other important
> bug-fixes, however I do not think it is the right choice. The changes
> will be smaller but the risk of breakage is higher.
Can you explai
On 2019-05-18 Paul Gevers wrote:
[gnutls]
> Is it reasonably possible to split of the CVE changes and patch the
> version currently in testing? That would be much more comfortable for
> us. Either by reverting the new upstream version with e.g. an +really
> version number, or, but less preferred b
Control: tags -1 moreinfo
Hi Andreas,
On Thu, 4 Apr 2019 19:41:44 +0200 Andreas Metzler wrote:
> The straight debdiff is huge, because of a) usual release updates of
> autogenerated files and b) because it includes a global
> 's/http:/https:/'. Stripped down debdiff is attached.
Indeed, even th
On 2019-04-04 Andreas Metzler wrote:
[...]
> This is a upstream bugfix release featuring two security fixes
> + Fixes a memory corruption (double free) vulnerability in the
> certificate verification API.
> https://gitlab.com/gnutls/gnutls/issues/694 CVE-2019-3829
> GNUTLS-S
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
Please unblock package gnutls28.
This is a upstream bugfix release featuring two security fixes
+ Fixes a memory corruption (double free) vulnerability in the
certificate verific
6 matches
Mail list logo