gnutls28_3.7.9-2+deb12u3_multi.changes ACCEPTED into proposed-updates

Debian FTP Masters ftpmaster at ftp-master.debian.org
Sun Jun 16 21:33:48 BST 2024 

Thank you for your contribution to Debian.



Accepted:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 15 Jun 2024 13:22:35 +0200
Source: gnutls28
Architecture: source
Version: 3.7.9-2+deb12u3
Distribution: bookworm
Urgency: medium
Maintainer: Debian GnuTLS Maintainers <pkg-gnutls-maint at lists.alioth.debian.org>
Changed-By: Andreas Metzler <ametzler at debian.org>
Closes: 1067463 1067464
Changes:
 gnutls28 (3.7.9-2+deb12u3) bookworm; urgency=medium
 .
   * Update to 3.7.11:
     + Replace 60-auth-rsa_psk-side-step-potential-side-channel.patch
       61-x509-detect-loop-in-certificate-chain.patch
       62-rsa-psk-minimize-branching-after-decryption.patch with versions from
       gnutls_3_7_x branch instead of manual backports from 3.8.x.
     + Add 53-fips-fix-checking-on-hash-algorithm-used-in-ECDSA.patch (Fix
       checking on hash algorithm used in ECDSA in FIPS mode) and
       54-fips-mark-composite-signature-API-not-approved.patch (Mark composite
       signature API non-approved in FIPS mode.) to allow
       straight cherry-picking of later patches.
     + 63_01-gnutls_x509_trust_list_verify_crt2-remove-length-lim.patch
       libgnutls: Fixed a bug where certtool crashed when verifying a
       certificate chain with more than 16 certificates. Reported by William
       Woodruff (#1525) and yixiangzhike (#1527).  [GNUTLS-SA-2024-01-23, CVSS:
       medium] [CVE-2024-28835] Closes: #1067463
     + 63_02-nettle-avoid-normalization-of-mpz_t-in-deterministic.patch
       libgnutls: Fix side-channel in the deterministic ECDSA.
       Reported by George Pantelakis (#1516).  [GNUTLS-SA-2023-12-04, CVSS:
       medium] [CVE-2024-28834] Closes: #1067464
     + 63_03-serv-fix-memleak-when-a-connected-client-disappears.patch
       Fix a memleak in gnutls-serv when a connected client disappears.
     + 63_04-lib-fix-a-segfault-in-_gnutls13_recv_end_of_early_da.patch
       Fix a segfault in _gnutls13_recv_end_of_early_data().
     + 63_05-lib-fix-a-potential-segfault-in-_gnutls13_recv_finis.patch
       Fix a potential segfault in _gnutls13_recv_finished().
Checksums-Sha1: 
 a29a32c7e06a672f8e724e5c4b08cd7dd99ffc43 3421 gnutls28_3.7.9-2+deb12u3.dsc
 4d74829fb268fb0c31667d3eeb5efa424fdb28a1 103728 gnutls28_3.7.9-2+deb12u3.debian.tar.xz
Checksums-Sha256: 
 3f136935775b93298a194049050769628c5a623e1e7a3021fcd3d9ac9fe0c171 3421 gnutls28_3.7.9-2+deb12u3.dsc
 affecf130f25873fd7b18d0904ce757535a0a743b2c770efe1dc7faf1db52328 103728 gnutls28_3.7.9-2+deb12u3.debian.tar.xz
Files: 
 1c8abc659a7b7194f85a8e641d48f23c 3421 libs optional gnutls28_3.7.9-2+deb12u3.dsc
 36b999d8149fa777937d70733891d33a 103728 libs optional gnutls28_3.7.9-2+deb12u3.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE0uCSA5741Jbt9PpepU8BhUOCFIQFAmZtg8IACgkQpU8BhUOC
FIRNvA//T7Q8PmVqI3GReS9nhZ5COcX/Etrx+tKvZwBp2kWivlAZ7XHw+5j6Vy5g
+QW6IhZigzokI41ZGVytuWOftZIvEe6ozJtcV3vE1US7tur7vuv4ZTb99r6PKtcE
CrWECdnwkPfubeFm9MKG6gN1lc9sD2d9Y0Wdz9Og6aW22MwE8heqoDDNpa44ECxL
lW/iRWVLtfBR3Ze/f2okYPVYcVKkK4gqb4ntAA7dZ/P1amt+Pr1YgPkMybKaOL00
iT7/jAnfqkJboG04v7mHxG8/B+/Zz1565QOEhKnVPFU/Ut1pI1w8msqwBSiuUH4R
cNwLXn/LMWATCPcW3ipa9mLFymh2Hg7eBKpsJpdfFteTnLg16boehxHzA6eLAZ/Q
bjzNz2++DhhNCxf2k9U7D1ItOPPyE6OsnaH4/Sdfo2Mv1pRrUh++YDJK1QJxhVL7
pI980LLRZQ3eD6hff0GGPllbPprb8nyBfVKjiPXBZC3L5JG8jReyDtm34oj6f/CC
Bam00wVOEgibQsxT9lnEoxEEU7X0frXTJuY1hdmvp1BzvT8kWNhVGlARHGv08dp7
WClpZOXmqvrLrOqOHE8stKwdA9vgRvUP0VVFWbePiMIhScYTSD8nqxGGl5nnnmme
rrPJYZhjda98UED4aSx5v0VEPns6WEAEf6j+6pgLuI8q4Urlkuc=
=/nSx
-----END PGP SIGNATURE-----

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 228 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-gnutls-maint/attachments/20240616/988135b5/attachment.sig>

More information about the Pkg-gnutls-maint mailing list