gnutls28_3.7.9-2+deb12u3_multi.changes ACCEPTED into proposed-updates->stable-new
Debian FTP Masters
ftpmaster at ftp-master.debian.org
Sat Jun 15 16:20:08 BST 2024
Thank you for your contribution to Debian.
Mapping bookworm to stable.
Mapping stable to proposed-updates.
Accepted:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sat, 15 Jun 2024 13:22:35 +0200
Source: gnutls28
Architecture: source
Version: 3.7.9-2+deb12u3
Distribution: bookworm
Urgency: medium
Maintainer: Debian GnuTLS Maintainers <pkg-gnutls-maint at lists.alioth.debian.org>
Changed-By: Andreas Metzler <ametzler at debian.org>
Closes: 1067463 1067464
Changes:
gnutls28 (3.7.9-2+deb12u3) bookworm; urgency=medium
.
* Update to 3.7.11:
+ Replace 60-auth-rsa_psk-side-step-potential-side-channel.patch
61-x509-detect-loop-in-certificate-chain.patch
62-rsa-psk-minimize-branching-after-decryption.patch with versions from
gnutls_3_7_x branch instead of manual backports from 3.8.x.
+ Add 53-fips-fix-checking-on-hash-algorithm-used-in-ECDSA.patch (Fix
checking on hash algorithm used in ECDSA in FIPS mode) and
54-fips-mark-composite-signature-API-not-approved.patch (Mark composite
signature API non-approved in FIPS mode.) to allow
straight cherry-picking of later patches.
+ 63_01-gnutls_x509_trust_list_verify_crt2-remove-length-lim.patch
libgnutls: Fixed a bug where certtool crashed when verifying a
certificate chain with more than 16 certificates. Reported by William
Woodruff (#1525) and yixiangzhike (#1527). [GNUTLS-SA-2024-01-23, CVSS:
medium] [CVE-2024-28835] Closes: #1067463
+ 63_02-nettle-avoid-normalization-of-mpz_t-in-deterministic.patch
libgnutls: Fix side-channel in the deterministic ECDSA.
Reported by George Pantelakis (#1516). [GNUTLS-SA-2023-12-04, CVSS:
medium] [CVE-2024-28834] Closes: #1067464
+ 63_03-serv-fix-memleak-when-a-connected-client-disappears.patch
Fix a memleak in gnutls-serv when a connected client disappears.
+ 63_04-lib-fix-a-segfault-in-_gnutls13_recv_end_of_early_da.patch
Fix a segfault in _gnutls13_recv_end_of_early_data().
+ 63_05-lib-fix-a-potential-segfault-in-_gnutls13_recv_finis.patch
Fix a potential segfault in _gnutls13_recv_finished().
Checksums-Sha1:
a29a32c7e06a672f8e724e5c4b08cd7dd99ffc43 3421 gnutls28_3.7.9-2+deb12u3.dsc
4d74829fb268fb0c31667d3eeb5efa424fdb28a1 103728 gnutls28_3.7.9-2+deb12u3.debian.tar.xz
Checksums-Sha256:
3f136935775b93298a194049050769628c5a623e1e7a3021fcd3d9ac9fe0c171 3421 gnutls28_3.7.9-2+deb12u3.dsc
affecf130f25873fd7b18d0904ce757535a0a743b2c770efe1dc7faf1db52328 103728 gnutls28_3.7.9-2+deb12u3.debian.tar.xz
Files:
1c8abc659a7b7194f85a8e641d48f23c 3421 libs optional gnutls28_3.7.9-2+deb12u3.dsc
36b999d8149fa777937d70733891d33a 103728 libs optional gnutls28_3.7.9-2+deb12u3.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE0uCSA5741Jbt9PpepU8BhUOCFIQFAmZtg8IACgkQpU8BhUOC
FIRNvA//T7Q8PmVqI3GReS9nhZ5COcX/Etrx+tKvZwBp2kWivlAZ7XHw+5j6Vy5g
+QW6IhZigzokI41ZGVytuWOftZIvEe6ozJtcV3vE1US7tur7vuv4ZTb99r6PKtcE
CrWECdnwkPfubeFm9MKG6gN1lc9sD2d9Y0Wdz9Og6aW22MwE8heqoDDNpa44ECxL
lW/iRWVLtfBR3Ze/f2okYPVYcVKkK4gqb4ntAA7dZ/P1amt+Pr1YgPkMybKaOL00
iT7/jAnfqkJboG04v7mHxG8/B+/Zz1565QOEhKnVPFU/Ut1pI1w8msqwBSiuUH4R
cNwLXn/LMWATCPcW3ipa9mLFymh2Hg7eBKpsJpdfFteTnLg16boehxHzA6eLAZ/Q
bjzNz2++DhhNCxf2k9U7D1ItOPPyE6OsnaH4/Sdfo2Mv1pRrUh++YDJK1QJxhVL7
pI980LLRZQ3eD6hff0GGPllbPprb8nyBfVKjiPXBZC3L5JG8jReyDtm34oj6f/CC
Bam00wVOEgibQsxT9lnEoxEEU7X0frXTJuY1hdmvp1BzvT8kWNhVGlARHGv08dp7
WClpZOXmqvrLrOqOHE8stKwdA9vgRvUP0VVFWbePiMIhScYTSD8nqxGGl5nnnmme
rrPJYZhjda98UED4aSx5v0VEPns6WEAEf6j+6pgLuI8q4Urlkuc=
=/nSx
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 228 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-gnutls-maint/attachments/20240615/e2cc5326/attachment.sig>
More information about the Pkg-gnutls-maint
mailing list