gnutls28_3.8.12-1_source.changes ACCEPTED into unstable
Debian FTP Masters
ftpmaster at ftp-master.debian.org
Mon Feb 9 18:19:26 GMT 2026
Thank you for your contribution to Debian.
Accepted:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Mon, 09 Feb 2026 18:34:29 +0100
Source: gnutls28
Architecture: source
Version: 3.8.12-1
Distribution: unstable
Urgency: medium
Maintainer: Debian GnuTLS Maintainers <pkg-gnutls-maint at lists.alioth.debian.org>
Changed-By: Andreas Metzler <ametzler at debian.org>
Changes:
gnutls28 (3.8.12-1) unstable; urgency=medium
.
* Drop OpenSSL wrapper library.
* New upstream bugstream release, includes fixes for (inter alia):
+ libgnutls: Fix NULL pointer dereference in PSK binder verification:
A TLS 1.3 resumption attempt with an invalid PSK binder value in
ClientHello could lead to a denial of service attack via crashing the
server. The updated code guards against the problematic dereference.
Reported by Jaehun Lee.
[Fixes: GNUTLS-SA-2026-02-09-1, CVSS: high] [CVE-2026-1584]
+ libgnutls: Fix name constraint processing performance issue:
Verifying certificates with pathological amounts of name constraints
could lead to a denial of service attack via resource exhaustion.
Reworked processing algorithms exhibit better performance
characteristics. Reported by Tim Scheckenbach.
[Fixes: GNUTLS-SA-2026-02-09-2, CVSS: medium] [CVE-2025-14831]
* Drop 50_0001-mem-include-headers-for-size_t-and-uint8_t.patch.
* Update copyright info.
Checksums-Sha1:
257571290863b377c8694a395c4a21ee1bbfdad3 3172 gnutls28_3.8.12-1.dsc
d0bc40f70507922f632658f8991328c917ce6729 6949604 gnutls28_3.8.12.orig.tar.xz
fc49ce4fce4d4cf55c13b73b8f290485ba85771e 996 gnutls28_3.8.12.orig.tar.xz.asc
bbe55272276d1cbc9752ea27e4f282b6b7ca72ad 173224 gnutls28_3.8.12-1.debian.tar.xz
bd3779136cba3e6d8a72a9242dc38888a638b2b3 6883 gnutls28_3.8.12-1_source.buildinfo
Checksums-Sha256:
bf0864fd66facd59c29de9907a31254fd2e2f3e6e20a6b640f2cd8998a736db6 3172 gnutls28_3.8.12-1.dsc
a7b341421bfd459acf7a374ca4af3b9e06608dcd7bd792b2bf470bea012b8e51 6949604 gnutls28_3.8.12.orig.tar.xz
7a70d4071502974666f2f661e4ab06ba06076efd20468e4198f5f09c7ace41e2 996 gnutls28_3.8.12.orig.tar.xz.asc
8b4d6e2b62f47a4c7640cfec027428b62525dd00bb410ca5da44b45c2c44a7c0 173224 gnutls28_3.8.12-1.debian.tar.xz
762201867aa460467dc013cd8883c6b96a2ea388b1507a0bc3d72c55f49594e3 6883 gnutls28_3.8.12-1_source.buildinfo
Files:
736182bd1cd6a563b14cdb3a4904b9b9 3172 libs optional gnutls28_3.8.12-1.dsc
df129bed331c18381991b5b8f36b7070 6949604 libs optional gnutls28_3.8.12.orig.tar.xz
973bda9c4d8294d0526f4900499b25bb 996 libs optional gnutls28_3.8.12.orig.tar.xz.asc
e4d5535c84291a17f8141877ca86739c 173224 libs optional gnutls28_3.8.12-1.debian.tar.xz
324837a66b3dec2153e89c35daacd028 6883 libs optional gnutls28_3.8.12-1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE0uCSA5741Jbt9PpepU8BhUOCFIQFAmmKHnMACgkQpU8BhUOC
FITeLxAAl2inu31aBMGqoEJ96s/UFoscUtpfF9WGvjN4yCNUYllOmqqOrUSBLWdQ
gEwZge0c/3M+PaiSIu/IAHEoyJWpt9lSY/5S5EF3VpVOCExk4FWW3ZvHvlXhYHbU
/7Hj0Wn4ZgjXwLHAfose8XqyKrHi1P0mfg32+BBsgRsVJYy2DaRoLdMK9Du2Woas
pRZfVnjkkENuww1SOG/DY/ltnvSixOJBmeB3LRHxp2kL/HDMYpl16Uog9GGRycQj
ToPZqomNlBRa28i+kxO6jwEMkh/uuydJG/n8XDDv20oY5yGnRZi2kZL6LrwcYHu1
BlMrI+cTfDBfYnwDrmWl89zWajMuzU8uUEO4eK+4aQxCd6I66Sw99koo0uf0b42W
WWRkqGOqNnp/wE9eyGrDB1k/w9JLWjZGIulTlytO7g4404F/0JthZaFGFpEtNZf9
ggXrrK0O4tZlBGX1ECQHDBC3vAjVMX3OUzxxIsksQFKRwz0fRFwlB96K5+6IEkSh
pd7o2KyCF3Rj26VbTwRaSTciV3meo12GW0sEgU4R2/t57MHdV0oOhZ1FJ1sHh8Np
TtqHE0RTMC6T8aC1GfRM/wEYXwLolCjybC2zIgJAUtEioSJzaNvOmFcJCX9ZgP9D
DZC3dllFtO/BeIn9OmhAMoeltDE44FAP+s9ku9WtKJ0LNrWlOAA=
=7e5c
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 228 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-gnutls-maint/attachments/20260209/26e5d629/attachment.sig>
More information about the Pkg-gnutls-maint
mailing list