Debian Patches

Status for mod-gnutls/0.9.0-1.1

Patch Description Author Forwarded Bugs Origin Last update
0001-Never-build-PDF-documentation.patch Never build PDF documentation
It's not installed anyway, and breaks the build if pdflatex is
available but fonts used by pandoc are missing.
Fiona Klute <fiona.klute@gmx.de> no 2019-01-30
0001-Fix-possible-segfault-NULL-pointer-dereference-on-fa.patch Fix possible segfault (NULL pointer dereference) on failed TLS handshake

Calling ssl_var_lookup() after a failed handshake could lead to GnuTLS
session information functions being called on a NULL session pointer,
leading to segfault. I observed this in a case where mod_http2 was
trying to check the negotiated TLS version after the client rejected
the server certificate.
Fiona Klute <fiona.klute@gmx.de> no 2019-11-28
0001-Test-suite-Remove-URLs-from-expected-error-responses.patch Test suite: Remove URLs from expected error responses
Apache HTTPD removed request URLs from canned error messages to
prevent misleading text/links being displayed via crafted links
(CVE-2019-10092). Adjust the expected error responses in our tests so
they can pass again.
Fiona Klute <fiona.klute@gmx.de> no 2019-11-01
0001-Test-suite-ignore-Content-Length-header.patch Test suite: ignore "Content-Length" header
Do not check the returned "Content-Length" header value when running the
tests, as long as it's valid. This will allow for more flexibility in
matching the content in the future.
Krista Karppinen <krista.celestia@gmail.com> no 2019-11-01
disable-test16.patch Disable a test that fails with GnuTLS >= 3.6.11 A proper fix is in upstream release 0.10.0. no debian

All known versions for source package 'mod-gnutls'

Links