diffstat of debian/ for gnutls28_3.3.15-5 gnutls28_3.3.15-5ubuntu2

 changelog                   |   65 +++++++++++++++++++++++++++++++++++++++++++-
 control                     |   19 +++++++++++-
 libgnutls-dev.install       |    4 ++
 libgnutls28-dev.install     |    4 --
 patches/CVE-2015-6251.patch |   24 ++++++++++++++++
 patches/series              |    1 
 6 files changed, 110 insertions(+), 7 deletions(-)

diff -Nru gnutls28-3.3.15/debian/changelog gnutls28-3.3.15/debian/changelog
--- gnutls28-3.3.15/debian/changelog	2015-06-02 17:30:37.000000000 +0000
+++ gnutls28-3.3.15/debian/changelog	2015-08-31 18:47:39.000000000 +0000
@@ -1,3 +1,19 @@
+gnutls28 (3.3.15-5ubuntu2) wily; urgency=medium
+
+  * SECURITY UPDATE: Double free in certificate DN decoding
+    - debian/patches/CVE-2015-6251.patch: Reset the output value on error
+      in lib/x509/common.c.
+    - CVE-2015-6251
+
+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Mon, 31 Aug 2015 14:45:42 -0400
+
+gnutls28 (3.3.15-5ubuntu1) wily; urgency=medium
+
+  * Merge from Debian unstable. Remaining changes:
+    - Make gnutls28 default.
+
+ -- Adam Conrad <adconrad@ubuntu.com>  Thu, 11 Jun 2015 14:47:40 -0600
+
 gnutls28 (3.3.15-5) unstable; urgency=medium
 
   * Upload to unstable.
@@ -24,6 +40,16 @@
 
  -- Andreas Metzler <ametzler@debian.org>  Wed, 13 May 2015 19:20:07 +0200
 
+gnutls28 (3.3.15-2ubuntu1) wily; urgency=medium
+
+  * Merge from Debian unstable. Remaining changes:
+    - Make gnutls28 default.
+  * Dropped patches included in new version:
+    - debian/patches/CVE-2015-0294.patch
+    - debian/patches/CVE-2014-8564.patch
+
+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Thu, 21 May 2015 08:47:19 -0400
+
 gnutls28 (3.3.15-2) unstable; urgency=medium
 
   * 50_updated-sign-md5-rep-to-reduce-false-failures.patch from upstream GIT,
@@ -157,6 +183,32 @@
 
  -- Andreas Metzler <ametzler@debian.org>  Wed, 12 Nov 2014 19:31:07 +0100
 
+gnutls28 (3.3.8-3ubuntu3) vivid; urgency=medium
+
+  * SECURITY UPDATE: certificate algorithm consistency issue
+    - debian/patches/CVE-2015-0294.patch: make sure the two signature
+      algorithms match on cert import in lib/x509/x509.c.
+    - CVE-2015-0294
+
+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Fri, 20 Mar 2015 08:16:02 -0400
+
+gnutls28 (3.3.8-3ubuntu2) vivid; urgency=medium
+
+  * SECURITY UPDATE: denial of service and possible code execution via
+    elliptic curves parameter printing
+    - debian/patches/CVE-2014-8564.patch: add more sanity checks in
+      lib/gnutls_ecc.c.
+    - CVE-2014-8564
+
+ -- Marc Deslauriers <marc.deslauriers@ubuntu.com>  Mon, 10 Nov 2014 15:18:59 -0500
+
+gnutls28 (3.3.8-3ubuntu1) vivid; urgency=low
+
+  * Merge from Debian unstable.  Remaining changes:
+    - Make gnutls28 default.
+
+ -- Michael Vogt <michael.vogt@ubuntu.com>  Thu, 30 Oct 2014 15:21:33 +0100
+
 gnutls28 (3.3.8-3) unstable; urgency=high
 
   [ Daniel Kahn Gillmor ]
@@ -327,6 +379,18 @@
 
  -- Andreas Metzler <ametzler@debian.org>  Sat, 29 Mar 2014 19:19:37 +0100
 
+gnutls28 (3.2.16-1ubuntu2) utopic; urgency=medium
+
+  * No-change rebuild to get debug symbols on all architectures.
+
+ -- Brian Murray <brian@ubuntu.com>  Tue, 21 Oct 2014 14:15:57 -0700
+
+gnutls28 (3.2.16-1ubuntu1) utopic; urgency=medium
+
+  * Make gnutls28 default.
+
+ -- Dimitri John Ledkov <xnox@ubuntu.com>  Fri, 08 Aug 2014 08:24:17 +0100
+
 gnutls28 (3.2.16-1) unstable; urgency=medium
 
   * New upstream version.
@@ -2441,4 +2505,3 @@
 
  -- Ivo Timmermans <ivo@debian.org>  Fri, 31 Oct 2003 18:47:09 +0100
 
-
diff -Nru gnutls28-3.3.15/debian/control gnutls28-3.3.15/debian/control
--- gnutls28-3.3.15/debian/control	2015-06-02 17:21:53.000000000 +0000
+++ gnutls28-3.3.15/debian/control	2015-06-11 20:47:37.000000000 +0000
@@ -1,7 +1,8 @@
 Source: gnutls28
 Section: libs
 Priority: optional
-Maintainer: Debian GnuTLS Maintainers <pkg-gnutls-maint@lists.alioth.debian.org>
+Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
+XSBC-Original-Maintainer: Debian GnuTLS Maintainers <pkg-gnutls-maint@lists.alioth.debian.org>
 Uploaders: Andreas Metzler <ametzler@debian.org>,
  Eric Dorland <eric@debian.org>,
  James Westby <jw+debian@jameswestby.net>,
@@ -22,7 +23,7 @@
 Vcs-Browser: http://anonscm.debian.org/gitweb/?p=pkg-gnutls/gnutls.git
 Homepage: http://www.gnutls.org/
 
-Package: libgnutls28-dev
+Package: libgnutls-dev
 Section: libdevel
 Architecture: any
 Provides: gnutls-dev, libgnutls-openssl-dev
@@ -54,6 +55,20 @@
  .
  This package contains the GnuTLS development files.
 
+Package: libgnutls28-dev
+Section: libdevel
+Architecture: any
+Depends: libgnutls-dev (= ${binary:Version})
+Multi-Arch: same
+Description: dummy transitional package for GNU TLS library - development files
+ This is a transitional dummy package for libgnutls28-dev to
+ libgnutls-dev migration.  GnuTLS is a portable library which
+ implements the Transport Layer Security (TLS 1.0, 1.1, 1.2) and
+ Secure Sockets Layer (SSL) 3.0 and Datagram Transport Layer Security
+ (DTLS 1.0, 1.2) protocols.
+ .
+ This package can be safely removed.
+
 Package: libgnutls-deb0-28
 Priority: standard
 Architecture: any
diff -Nru gnutls28-3.3.15/debian/libgnutls-dev.install gnutls28-3.3.15/debian/libgnutls-dev.install
--- gnutls28-3.3.15/debian/libgnutls-dev.install	1970-01-01 00:00:00.000000000 +0000
+++ gnutls28-3.3.15/debian/libgnutls-dev.install	2015-06-11 20:47:37.000000000 +0000
@@ -0,0 +1,4 @@
+debian/tmp/usr/include/*
+debian/tmp/usr/lib/*/libgnutls*.so
+debian/tmp/usr/lib/*/libgnutls*.a
+debian/tmp/usr/lib/*/pkgconfig/gnutls.pc
diff -Nru gnutls28-3.3.15/debian/libgnutls28-dev.install gnutls28-3.3.15/debian/libgnutls28-dev.install
--- gnutls28-3.3.15/debian/libgnutls28-dev.install	2013-12-01 17:51:19.000000000 +0000
+++ gnutls28-3.3.15/debian/libgnutls28-dev.install	1970-01-01 00:00:00.000000000 +0000
@@ -1,4 +0,0 @@
-debian/tmp/usr/include/*
-debian/tmp/usr/lib/*/libgnutls*.so
-debian/tmp/usr/lib/*/libgnutls*.a
-debian/tmp/usr/lib/*/pkgconfig/gnutls.pc
diff -Nru gnutls28-3.3.15/debian/patches/CVE-2015-6251.patch gnutls28-3.3.15/debian/patches/CVE-2015-6251.patch
--- gnutls28-3.3.15/debian/patches/CVE-2015-6251.patch	1970-01-01 00:00:00.000000000 +0000
+++ gnutls28-3.3.15/debian/patches/CVE-2015-6251.patch	2015-08-31 18:45:37.000000000 +0000
@@ -0,0 +1,24 @@
+From 272854367efc130fbd4f1a51840d80c630214e12 Mon Sep 17 00:00:00 2001
+From: Nikos Mavrogiannopoulos <nmav@gnutls.org>
+Date: Mon, 20 Jul 2015 21:49:28 +0200
+Subject: [PATCH] Reset the output value on error in _gnutls_x509_dn_to_string()
+
+---
+ lib/x509/common.c | 1 +
+ 1 file changed, 1 insertion(+), 0 deletions(-)
+
+diff --git a/lib/x509/common.c b/lib/x509/common.c
+index 94b6bbc..9a4b96f 100644
+--- a/lib/x509/common.c
++++ b/lib/x509/common.c
+@@ -469,6 +469,7 @@ _gnutls_x509_dn_to_string(const char *oid, void *value,
+ 		if (ret < 0) {
+ 			gnutls_assert();
+ 			gnutls_free(str->data);
++			str->data = NULL;
+ 			return ret;
+ 		}
+ 		str->size = size;
+--
+libgit2 0.22.2
+
diff -Nru gnutls28-3.3.15/debian/patches/series gnutls28-3.3.15/debian/patches/series
--- gnutls28-3.3.15/debian/patches/series	2015-05-13 17:01:08.000000000 +0000
+++ gnutls28-3.3.15/debian/patches/series	2015-08-31 18:46:23.000000000 +0000
@@ -4,3 +4,4 @@
 40_no_more_ssl3.diff
 50_updated-sign-md5-rep-to-reduce-false-failures.patch
 55_nettle3.patch
+CVE-2015-6251.patch