gnutls28 (3.0.0-1) experimental; urgency=low
GnuTLS is now using nettle instead of libgcrypt as crypto backend.
Related to this change (nettle uses LGPLv3+ licensed GMP) the licensing has
change. GnuTLS is LGPLv3+ now, GnuTLS-EXTRA GPLv3+. GnuTLS can therefore not
be used by projects using GPLv2 without the "or later" clause.
-- Andreas Metzler <ametzler@downhill.g.la> Sun, 14 Aug 2011 14:27:12 +0200
gnutls26 (2.6.6-1) unstable; urgency=high
libgnutls: Check expiration/activation time on untrusted certificates.
Before the library did not check activation/expiration times on
certificates, and was documented as not doing so. We have realized that
many applications that use libgnutls, including gnutls-cli, fail to
perform proper checks. Implementing similar logic in all applications
leads to code duplication. Hence, we decided to check whether the
current time (as reported by the time function) is within the
activation/expiration period of certificates when verifying untrusted
certificates.
This changes the semantics of gnutls_x509_crt_list_verify, which in
turn is used by gnutls_certificate_verify_peers and
gnutls_certificate_verify_peers2. We add two new
gnutls_certificate_status_t codes for reporting the new error
condition, GNUTLS_CERT_NOT_ACTIVATED and GNUTLS_CERT_EXPIRED. We also
add a new gnutls_certificate_verify_flags flag,
GNUTLS_VERIFY_DISABLE_TIME_CHECKS, that can be used to disable the new
behaviour.
GNUTLS-SA-2009-3 CVE-2009-1417
http://www.gnu.org/software/gnutls/security.html
-- Andreas Metzler <ametzler@debian.org> Thu, 30 Apr 2009 19:00:21 +0200
gnutls26 (2.4.2-5) unstable; urgency=medium
* The gnutls certificate verification code has been changed to stop
trusting some weak algoritms. Verifying untrusted X.509 certificates
signed with RSA-MD2 or RSA-MD5 will now fail with a
GNUTLS_CERT_INSECURE_ALGORITHM verification output.
See <http://www.win.tue.nl/hashclash/rogue-ca/>,
<http://bugs.debian.org/514578> and
<http://www.gnu.org/software/gnutls/manual/gnutls.html#Digital-signatures>
"certtool -i < signature.pem" will inform about the algoritm used for
signing (Search for "Signature Algorithm" in its output.). The proper
fix is to re-issue the certificates with a more secure algoritm. As a
hotfix the respective certicate itself can be added to the list of
trusted certificates. Obviously this should only be done after
verifying the certificate by different means than relying on the weak
signature.
-- Andreas Metzler <ametzler@debian.org> Sat, 07 Feb 2009 12:58:51 +0100
Generated by dwww version 1.15 on Fri May 24 02:31:51 CEST 2024.