Back to mbedtls PTS page

Accepted mbedtls 2.4.2-1+deb9u1 (source) into proposed-updates->stable-new, proposed-updates

To: debian-changes@lists.debian.org
Subject: Accepted mbedtls 2.4.2-1+deb9u1 (source) into proposed-updates->stable-new, proposed-updates
From: James Cowgill <jcowgill@debian.org>
Date: Fri, 08 Sep 2017 22:17:08 +0000
Mail-followup-to: debian-devel@lists.debian.org
Message-id: <E1dqRaG-000IUa-5u@fasolo.debian.org>
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 01 Sep 2017 09:29:59 +0100
Source: mbedtls
Binary: libmbedtls-dev libmbedcrypto0 libmbedtls10 libmbedx509-0 libmbedtls-doc
Architecture: source
Version: 2.4.2-1+deb9u1
Distribution: stretch-security
Urgency: high
Maintainer: James Cowgill <jcowgill@debian.org>
Changed-By: James Cowgill <jcowgill@debian.org>
Description:
 libmbedcrypto0 - lightweight crypto and SSL/TLS library - crypto library
 libmbedtls-dev - lightweight crypto and SSL/TLS library - development files
 libmbedtls-doc - lightweight crypto and SSL/TLS library - documentation
 libmbedtls10 - lightweight crypto and SSL/TLS library - tls library
 libmbedx509-0 - lightweight crypto and SSL/TLS library - x509 certificate library
Closes: 873557
Changes:
 mbedtls (2.4.2-1+deb9u1) stretch-security; urgency=high
 .
   * Fix CVE-2017-14032:
     If optional authentication is configured, allows remote attackers to
     bypass peer authentication via an X.509 certificate chain with many
     intermediates. (Closes: #873557)
Checksums-Sha1:
 387483bc2864ffbad43d7d8d9550d981b021f878 2248 mbedtls_2.4.2-1+deb9u1.dsc
 71e0aa93e4548611fdb15af93e8b93b30c764e4c 1925368 mbedtls_2.4.2.orig.tar.gz
 a834a8283e89aabcb7fb5eb53a01a33f798f971d 12424 mbedtls_2.4.2-1+deb9u1.debian.tar.xz
 33faeaa5af8aa12b27fb67b04072209d2a073456 6171 mbedtls_2.4.2-1+deb9u1_source.buildinfo
Checksums-Sha256:
 dca38409f50f68221a7c452a8d446ecbca41ce24c4bcdb6a33a5ed7911df35a9 2248 mbedtls_2.4.2-1+deb9u1.dsc
 17dd98af7478aadacc480c7e4159e447353b5b2037c1b6d48ed4fd157fb1b018 1925368 mbedtls_2.4.2.orig.tar.gz
 9059433533496b9ed2b63d77c121c25d80ff64f72432788361dff07dc9894cec 12424 mbedtls_2.4.2-1+deb9u1.debian.tar.xz
 009d3e996cf72b9d19717af294b32e2338c076c0431d6e3a22c7bb1574f34c2b 6171 mbedtls_2.4.2-1+deb9u1_source.buildinfo
Files:
 5cc1dcccc78d00eda04d9b15e1bf2d2d 2248 libs optional mbedtls_2.4.2-1+deb9u1.dsc
 8e3a8357e0fc23a3954a819027f5167e 1925368 libs optional mbedtls_2.4.2.orig.tar.gz
 bb1c71888e031b85de4d4dbbae2d32de 12424 libs optional mbedtls_2.4.2-1+deb9u1.debian.tar.xz
 db358bec72552b71eaf3ef9762df0168 6171 libs optional mbedtls_2.4.2-1+deb9u1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJIBAEBCgAyFiEE+Ixt5DaZ6POztUwQx/FnbeotAe8FAlmwOUkUHGpjb3dnaWxs
QGRlYmlhbi5vcmcACgkQx/FnbeotAe94Jg/9F+D/OfD3tHg/jpxZID/kaQgZ5dou
n0r8e6s2TFr69pBGQZYYmO5Qs4yhkaXFhUKt/JfojMcvkEozBxc/OYJSUug7T2b4
9tlsfY8EDbXHSDKHU5y0kFEpOaKG0hruCTaocGuW0oWqY0eFWGML9bghyuY+guzt
6XI65fGJTg9YOFX+jntD7F5KaYbNf9IavrDaKZEl9Wx2DthwGWqt2ITrbnxqMct2
R74N5FJjhmEegc7OnnzIfLbvSqkcuXu/xRmm47VaYwwLLzU5br6fPNE60TZg7UNk
+6ZmAAxuoYyu4bHfVo0C3yTufQGCqEbqIuFP0U9WSfBt9/YuO407C9cV96NpupR0
TI0D4SDW8eTz8ySGYaKGMD7dAd/bEjhp7iBV6fiKRRii3jXBBKOYfWhDweLS8mbh
/KWVj/32HCdeSP3hY+MvvJOpcCgRDrNu7Aa+OsYNoTA1lgVQVS60ALsuDC4TgsRK
oBW6BBR4+RQc1jfGW/qpI58u73rU2GlzTm+yZ3eDCd1JCUbcd0M26oOBjPpuVipU
Drt86lQVWzO7a4KI82qH6jL4EU+jFwehc+WpUlKyjotfAABcapBGcBCivZqernp9
jh+vYFqfM92mB4uUKsxK5U2iRMr2iHQPz/7r1qArhAMCMACvJ2paWC0AE7WqU3uq
9sqB6vKS/IldzJI=
=Kh9F
-----END PGP SIGNATURE-----