-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sat, 20 Jan 2024 07:56:15 +0100 Source: gnutls28 Binary: gnutls-bin gnutls-bin-dbgsym guile-gnutls guile-gnutls-dbgsym libgnutls-dane0 libgnutls-dane0-dbgsym libgnutls-openssl27 libgnutls-openssl27-dbgsym libgnutls28-dev libgnutls30 libgnutls30-dbgsym libgnutlsxx28 libgnutlsxx28-dbgsym Architecture: amd64 Version: 3.7.1-5+deb11u5 Distribution: bullseye Urgency: medium Maintainer: all / amd64 / i386 Build Daemon (x86-conova-01) Changed-By: Andreas Metzler Description: gnutls-bin - GNU TLS library - commandline utilities guile-gnutls - GNU TLS library - GNU Guile bindings libgnutls-dane0 - GNU TLS library - DANE security support libgnutls-openssl27 - GNU TLS library - OpenSSL wrapper libgnutls28-dev - GNU TLS library - development files libgnutls30 - GNU TLS library - main runtime library libgnutlsxx28 - GNU TLS library - C++ runtime library Closes: 1061045 1061046 Changes: gnutls28 (3.7.1-5+deb11u5) bullseye; urgency=medium . * Cherrypick two CVE fixes from 3.8.3: Fix assertion failure when verifying a certificate chain with a cycle of cross signatures. CVE-2024-0567 GNUTLS-SA-2024-01-09 Closes: #1061045 Fix more timing side-channel inside RSA-PSK key exchange. CVE-2024-0553 GNUTLS-SA-2024-01-14 Closes: #1061046 Checksums-Sha1: 57e5e08f7b48e79e7891ce9f9d4581fdc8bd2bac 866004 gnutls-bin-dbgsym_3.7.1-5+deb11u5_amd64.deb c206d575d00e56954357331d155012ae56a8776b 647400 gnutls-bin_3.7.1-5+deb11u5_amd64.deb ae4182b182ef6423b53e8b4c970e4c5a43a834ad 11060 gnutls28_3.7.1-5+deb11u5_amd64-buildd.buildinfo 9844c251d7ad6033c5363c2a84d005ff0eebb7e0 232012 guile-gnutls-dbgsym_3.7.1-5+deb11u5_amd64.deb 14b2094d8ea1a3a309a291091e0d08bcf63ec660 449092 guile-gnutls_3.7.1-5+deb11u5_amd64.deb fb1a91c8916842c395e97da74c2d5400baf64432 65076 libgnutls-dane0-dbgsym_3.7.1-5+deb11u5_amd64.deb 14ffdb8914bd02c59e5ca649ddc96fc609908c4a 394988 libgnutls-dane0_3.7.1-5+deb11u5_amd64.deb 08b41944784f935a4bfec1158fbd8621dad75612 65204 libgnutls-openssl27-dbgsym_3.7.1-5+deb11u5_amd64.deb 76e59f6ea8d6b5e24873d26971f27e1a14a518b9 395040 libgnutls-openssl27_3.7.1-5+deb11u5_amd64.deb b320a462c04d1d89bc9b0cccc5a2b1bf8363dfc9 1302696 libgnutls28-dev_3.7.1-5+deb11u5_amd64.deb c8ac615d67e04fd439937574185e43e954deaa97 1937452 libgnutls30-dbgsym_3.7.1-5+deb11u5_amd64.deb fab637359664ae2e58ec9d207a9bbd3651d418a1 1340088 libgnutls30_3.7.1-5+deb11u5_amd64.deb 64146833f859658cf864081160ae76873e2ff189 51852 libgnutlsxx28-dbgsym_3.7.1-5+deb11u5_amd64.deb 57b7da3d9f245725e46e6f80fcce0c2c210e2891 14620 libgnutlsxx28_3.7.1-5+deb11u5_amd64.deb Checksums-Sha256: aabff19bf1210bd2db8464d4c07fa4170c767d50d565526af10bf448dca77b5d 866004 gnutls-bin-dbgsym_3.7.1-5+deb11u5_amd64.deb 8dd386f9850384c5dcd52c5236386985abc7a3be0ab9a76eba03e4d7eca2448e 647400 gnutls-bin_3.7.1-5+deb11u5_amd64.deb fb6316b58f0a61d38eddb8f30fed718613236d1f2a203931e1342d8813dc1f77 11060 gnutls28_3.7.1-5+deb11u5_amd64-buildd.buildinfo d76d7250498e629558af2a28969368e873d5f0a9d1fc2663d6d343647e6f9d76 232012 guile-gnutls-dbgsym_3.7.1-5+deb11u5_amd64.deb 3aa86e28439d3802868a89bc6cfaf47f6725a4c70abdc38a812ac42212270a82 449092 guile-gnutls_3.7.1-5+deb11u5_amd64.deb c6d88c28c92c336eeb5197bbbaaece5cb52fad817120233d088c093cc9e242d9 65076 libgnutls-dane0-dbgsym_3.7.1-5+deb11u5_amd64.deb 4262db26443027fce9168614f695e55bf1108c7d376e0cbeee7929af08177580 394988 libgnutls-dane0_3.7.1-5+deb11u5_amd64.deb 56de6a7213bf43ae159421de39b079c22f3b7b257d8a184354031b6f850f560d 65204 libgnutls-openssl27-dbgsym_3.7.1-5+deb11u5_amd64.deb 14f2f56b4291b9da58ea4a479036ec901abb10187ef01bbc56bc6e1d8c1991b8 395040 libgnutls-openssl27_3.7.1-5+deb11u5_amd64.deb 9cf7946fc97965f15062df85c34cffa9505bff9a1bfe25e26a25fc490e5406b3 1302696 libgnutls28-dev_3.7.1-5+deb11u5_amd64.deb 39602508644e2c5cc14ef38b31f524b2b0f9322d35ce796f1a650bfd95d4bf4a 1937452 libgnutls30-dbgsym_3.7.1-5+deb11u5_amd64.deb cdfacece6f69c9eeecd509c7c44e1d5b47e09ad5e48f732ae151ded1afce45b4 1340088 libgnutls30_3.7.1-5+deb11u5_amd64.deb 0b1da642253af1e91ad6f8132cec2231c6eae91efbff5d18c6f71aea507e7481 51852 libgnutlsxx28-dbgsym_3.7.1-5+deb11u5_amd64.deb 768aab05d1b82e1bfd6e9b16aa88c1fd3e1c447ea16399cce9348f4e68ac02f1 14620 libgnutlsxx28_3.7.1-5+deb11u5_amd64.deb Files: 288e1fcfa1f7b8bb017a425f93cef4ea 866004 debug optional gnutls-bin-dbgsym_3.7.1-5+deb11u5_amd64.deb f85d047de3a00ffadf60c0d1e9976a7c 647400 net optional gnutls-bin_3.7.1-5+deb11u5_amd64.deb bfee44440be380b57855c9690f8696c7 11060 libs optional gnutls28_3.7.1-5+deb11u5_amd64-buildd.buildinfo ef1500f3dfe76a53e4029709f550c0d5 232012 debug optional guile-gnutls-dbgsym_3.7.1-5+deb11u5_amd64.deb b4a85f4bb671bc5f6ce182965ba09e73 449092 lisp optional guile-gnutls_3.7.1-5+deb11u5_amd64.deb f24a527cff9ef9878da1398e770f3c2d 65076 debug optional libgnutls-dane0-dbgsym_3.7.1-5+deb11u5_amd64.deb 664722a95b6d80885b41343bb8db1ef0 394988 libs optional libgnutls-dane0_3.7.1-5+deb11u5_amd64.deb 036d3ff824610c26e858b464442d5c22 65204 debug optional libgnutls-openssl27-dbgsym_3.7.1-5+deb11u5_amd64.deb fb03ffca65fa398953f9f36bfbeec2fc 395040 libs optional libgnutls-openssl27_3.7.1-5+deb11u5_amd64.deb cff3ce89ba7a51a10f7b9727ea02a462 1302696 libdevel optional libgnutls28-dev_3.7.1-5+deb11u5_amd64.deb 4565f63fef1d4086a4b8609b733b756a 1937452 debug optional libgnutls30-dbgsym_3.7.1-5+deb11u5_amd64.deb f39b1086bb7a2f615a57deaa161e31d8 1340088 libs optional libgnutls30_3.7.1-5+deb11u5_amd64.deb ce7c4c501c37cf1950be7d3cfdb00e54 51852 debug optional libgnutlsxx28-dbgsym_3.7.1-5+deb11u5_amd64.deb 8c46bc8a0e230cd0365d8d903d2efc1e 14620 libs optional libgnutlsxx28_3.7.1-5+deb11u5_amd64.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEgdRoRGwEM09wlaMzOni7ZmUpKEcFAmYMc1IACgkQOni7ZmUp KEeH4A//QhHKbNyUPbAW0y7xYnz0T9OzNne5Mt2EzVW5wfi9y/xeviM7QYIP/KdS EabMxqT5ZxiR7y94tucFoIilZEpxXV7b1fwrLDZHnnFCz8Vbq/uDJYf94aUc9gAQ QFCbM94i8JsbJyJWr13kxeG6ncTdNrYFcoY+Ho9DW4rk8Js8BVgFi8pEhRSqAG0X uN+nIXACHzgddNBD1BHw1rHcjQrpdBroAVfqsqIsYK42URladQCssCPkPBxpanma e2sCvMUSfmUDGFT7knvwqewH7dq0MdsFlQRFHAOR34+E01E2Iua3Ph7QfSmkLClf iM0WpjxDvqvnSbPd1a0ImSYdPDKQGNlbObFCNzEE+n5V1eklenVlORsNLGhXPm9m g5JBGrP+fhNpqj57jf8Fpc0u986Mkfkf7kjhjgD7bhPOj+jlImBsgFaH3xGORGKg kry3vr8IsHVsYmG89n5ZZPJWrJqb8a/ihkciJyOadV/+sKx/S92qSTyyhk9j38sf Ef63pfYnFINem7OhHZRVfNN1JfpzZoQtLREHbZNa5EpEpX7v2eymuMfEH1eWDEsL 7SNaI3y+hoOt7HumYzDHqwgiFxhK5Hx5Lnfr5AjRSzvqP2eqoiLbYenXKu9kgfLW APfXOpu3PF2hOSPVmRSvBWoGz41/M5x4AlqKjOTKS4uKzFZ9fvU= =cGPQ -----END PGP SIGNATURE-----