-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sat, 15 Jun 2024 13:22:35 +0200 Source: gnutls28 Binary: gnutls-bin gnutls-bin-dbgsym guile-gnutls guile-gnutls-dbgsym libgnutls-dane0 libgnutls-dane0-dbgsym libgnutls-openssl27 libgnutls-openssl27-dbgsym libgnutls28-dev libgnutls30 libgnutls30-dbgsym libgnutlsxx30 libgnutlsxx30-dbgsym Architecture: arm64 Version: 3.7.9-2+deb12u3 Distribution: bookworm Urgency: medium Maintainer: arm Build Daemon (arm-conova-03) Changed-By: Andreas Metzler Description: gnutls-bin - GNU TLS library - commandline utilities guile-gnutls - GNU TLS library - GNU Guile bindings libgnutls-dane0 - GNU TLS library - DANE security support libgnutls-openssl27 - GNU TLS library - OpenSSL wrapper libgnutls28-dev - GNU TLS library - development files libgnutls30 - GNU TLS library - main runtime library libgnutlsxx30 - GNU TLS library - C++ runtime library Closes: 1067463 1067464 Changes: gnutls28 (3.7.9-2+deb12u3) bookworm; urgency=medium . * Update to 3.7.11: + Replace 60-auth-rsa_psk-side-step-potential-side-channel.patch 61-x509-detect-loop-in-certificate-chain.patch 62-rsa-psk-minimize-branching-after-decryption.patch with versions from gnutls_3_7_x branch instead of manual backports from 3.8.x. + Add 53-fips-fix-checking-on-hash-algorithm-used-in-ECDSA.patch (Fix checking on hash algorithm used in ECDSA in FIPS mode) and 54-fips-mark-composite-signature-API-not-approved.patch (Mark composite signature API non-approved in FIPS mode.) to allow straight cherry-picking of later patches. + 63_01-gnutls_x509_trust_list_verify_crt2-remove-length-lim.patch libgnutls: Fixed a bug where certtool crashed when verifying a certificate chain with more than 16 certificates. Reported by William Woodruff (#1525) and yixiangzhike (#1527). [GNUTLS-SA-2024-01-23, CVSS: medium] [CVE-2024-28835] Closes: #1067463 + 63_02-nettle-avoid-normalization-of-mpz_t-in-deterministic.patch libgnutls: Fix side-channel in the deterministic ECDSA. Reported by George Pantelakis (#1516). [GNUTLS-SA-2023-12-04, CVSS: medium] [CVE-2024-28834] Closes: #1067464 + 63_03-serv-fix-memleak-when-a-connected-client-disappears.patch Fix a memleak in gnutls-serv when a connected client disappears. + 63_04-lib-fix-a-segfault-in-_gnutls13_recv_end_of_early_da.patch Fix a segfault in _gnutls13_recv_end_of_early_data(). + 63_05-lib-fix-a-potential-segfault-in-_gnutls13_recv_finis.patch Fix a potential segfault in _gnutls13_recv_finished(). Checksums-Sha1: d82f5b37164e220da16f8ed24b8e680d57484c22 902064 gnutls-bin-dbgsym_3.7.9-2+deb12u3_arm64.deb f2e7705c00b47878d9ee21a2ce2d2ec5559a518a 624512 gnutls-bin_3.7.9-2+deb12u3_arm64.deb 79276d90f58e3c81a556a9c1259858b05d026f02 11220 gnutls28_3.7.9-2+deb12u3_arm64-buildd.buildinfo 8a73a59e5119b93fafe30e0cf4a2b5bb92c55cbb 257452 guile-gnutls-dbgsym_3.7.9-2+deb12u3_arm64.deb 36136a65bcdbb7d24bca5b0ed6ffde056c0c6667 457184 guile-gnutls_3.7.9-2+deb12u3_arm64.deb 0312c50ab9bde8f97e33f9e8d3fe2cebfc1ee64e 90128 libgnutls-dane0-dbgsym_3.7.9-2+deb12u3_arm64.deb 93b4c1df5fa64c980177c336bdc78adbb23b2a19 403932 libgnutls-dane0_3.7.9-2+deb12u3_arm64.deb 4305ac20883694fa1625109b69eeab3921c0040c 90784 libgnutls-openssl27-dbgsym_3.7.9-2+deb12u3_arm64.deb 75c69328743117f0d1802c3acefcf7ac63a550bb 403972 libgnutls-openssl27_3.7.9-2+deb12u3_arm64.deb bbce193b55286543fba6420396b37fda1afe0005 1360984 libgnutls28-dev_3.7.9-2+deb12u3_arm64.deb 4c25896ae9de230e1b5d21b9f822ab97ea899862 2093868 libgnutls30-dbgsym_3.7.9-2+deb12u3_arm64.deb cae7cb09f590387510076244ebee2dfb23089e49 1312648 libgnutls30_3.7.9-2+deb12u3_arm64.deb 94d4ac569084ef7340c38814b2e5302cc1b7f7c1 48332 libgnutlsxx30-dbgsym_3.7.9-2+deb12u3_arm64.deb 9bca2e8dae5142350439076d0663435557befb94 13072 libgnutlsxx30_3.7.9-2+deb12u3_arm64.deb Checksums-Sha256: f5ec0c13c3704069a932349d8e9e6c9620aa7b7a05e36906b2da60725a7c1d18 902064 gnutls-bin-dbgsym_3.7.9-2+deb12u3_arm64.deb 4adec5df6152849c06032d4272ff54dc227e0d6c960e5596066d452363d05b19 624512 gnutls-bin_3.7.9-2+deb12u3_arm64.deb b336ad00279cf2d475a726e653e1679f989698c9f1693bd2c4642055b6c1210d 11220 gnutls28_3.7.9-2+deb12u3_arm64-buildd.buildinfo 38ae51a50d54f1aa95f7b49b5c2bde0bd38b9405f28ccf9566a47c8896ccd6ef 257452 guile-gnutls-dbgsym_3.7.9-2+deb12u3_arm64.deb caaf09050287b0df3940e33b70cd3eb51ca359c221d3f0c7b2d3502bb9d4de3a 457184 guile-gnutls_3.7.9-2+deb12u3_arm64.deb 654eb057ccd52444fb9a43ece5ef4b06122db60bd1e72a24fb5819c5adae0e89 90128 libgnutls-dane0-dbgsym_3.7.9-2+deb12u3_arm64.deb 11467cd959e56cd44ff8d6865ed9a907a0d58be75433ed77a862dd65bb7afd0b 403932 libgnutls-dane0_3.7.9-2+deb12u3_arm64.deb 37a157c330ac94ab546cd9af894eb9cce31861c2fc2e703c42eb3bad651e5e2a 90784 libgnutls-openssl27-dbgsym_3.7.9-2+deb12u3_arm64.deb e22754711ecc46be7fc6ffa19dca5420c9a31cb9fbb5c2b2f6d9bb46bcbf5fbc 403972 libgnutls-openssl27_3.7.9-2+deb12u3_arm64.deb 8e65d979832ff4e8a363eb1c071ca715cb162cc9dc4eceabbdd966cfe6200139 1360984 libgnutls28-dev_3.7.9-2+deb12u3_arm64.deb 5f8c73d370820972e3cdd932961d464e11529e01772f3becbe530e64f33a4e0d 2093868 libgnutls30-dbgsym_3.7.9-2+deb12u3_arm64.deb c57211d73ef38e312eebb080210474f10dc66af736f866899190e1ee0a37ad9d 1312648 libgnutls30_3.7.9-2+deb12u3_arm64.deb 1459e2361d91f22da9f546bfc4a1a9155b3b51a9b3041756dad31fe9966624de 48332 libgnutlsxx30-dbgsym_3.7.9-2+deb12u3_arm64.deb 5e9071ef1e8bd2cc43c8b2431bca1e45d6912a97defa4610da39cee61a7570de 13072 libgnutlsxx30_3.7.9-2+deb12u3_arm64.deb Files: 7b584959c1ccf10097d915fbfdad4a03 902064 debug optional gnutls-bin-dbgsym_3.7.9-2+deb12u3_arm64.deb 02373b632e2e97ab217795d35196a74b 624512 net optional gnutls-bin_3.7.9-2+deb12u3_arm64.deb 074782389a3dbab94ca707fad422e1e7 11220 libs optional gnutls28_3.7.9-2+deb12u3_arm64-buildd.buildinfo f2ed6eb6aee273b8ca063a9585eaeda9 257452 debug optional guile-gnutls-dbgsym_3.7.9-2+deb12u3_arm64.deb ad1b71c29e3757ea27de756885c5e8b6 457184 lisp optional guile-gnutls_3.7.9-2+deb12u3_arm64.deb 6cd253eacbae43928b652ea89b462ae7 90128 debug optional libgnutls-dane0-dbgsym_3.7.9-2+deb12u3_arm64.deb 9c19997ffadd95ac9ca5c3306d87c57e 403932 libs optional libgnutls-dane0_3.7.9-2+deb12u3_arm64.deb 2cccdea609c458f9b4a8c6517ba25910 90784 debug optional libgnutls-openssl27-dbgsym_3.7.9-2+deb12u3_arm64.deb 8feb5dc76d2d44d345f5d3f545cd7310 403972 libs optional libgnutls-openssl27_3.7.9-2+deb12u3_arm64.deb 51d6539b2916c8a64a6de713188da23f 1360984 libdevel optional libgnutls28-dev_3.7.9-2+deb12u3_arm64.deb b21ced4f7de3bb96ad062ba0a2fe4d0d 2093868 debug optional libgnutls30-dbgsym_3.7.9-2+deb12u3_arm64.deb 66d89c355b4cb0c56a24bd6f41b4305f 1312648 libs optional libgnutls30_3.7.9-2+deb12u3_arm64.deb a9fb1416b4bee7ba3d5f5dcfe523140e 48332 debug optional libgnutlsxx30-dbgsym_3.7.9-2+deb12u3_arm64.deb 8ccd8d37f844c3b34eb52aac589ee119 13072 libs optional libgnutlsxx30_3.7.9-2+deb12u3_arm64.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEU81tY/BC8e+eAeWhLffeOnPnbLUFAmZvVMEACgkQLffeOnPn bLUxyA/+OwzpG7SS+0TKQNkzAvT/U9LJrGge9nLS72PUFRoOvpmavajs6ERpQQHE eivNqOPfMzPlwSrQWVM4rnqtT23YEknoDAaj73a+2m65c8gOUC+uuaB2GmkeNaJV 5SDARD1q2CJTkX7McAdz/WqQ5rwy2oLqLbPfL6C5I9jwhN6hjqcOdWh/i9o8GZxe RMEMjRMhlVxojX+t/2kmf+VrN/9n690rnfgkAFgstX+x7CByChmDxO1h3hyg/gwP AtI9EWGp30/HBjQ0nhnljcGDI1u1NfA3GYTyQFdXElg+waYf+aALnuzx9gWHMl2+ Jc5DrQANNO5Mt5K9mgm7z8V2SMsBlQrlCQpT8IpbBe2B5Q7vPboynsh2DV7DkbNw UzB8hxsXidgYnRLGRgIQUOVXdEkfZsxxpLTZ6JAVlB/UvUQ+PvGy9qNho4SgcZ5x 7DUS3+Qi972E3eiE5pfWS2hY5SqY+GdwabJUYZkuoWXEpI2r1gEgt+99Ze/d9BIQ XcXg6TtDgW0e9yAO3WGeW6J3j09KOyjUtVMVj3K8ntFM/u71EDyfnRTMZw3ozl7t y7iU3EYcvCb90UgDrR/m6g3k535oypGd1oVXSSYofywtkEicl/fxJV0Uh7giElup X5AV0QnpRW5nBZ5qwdk6yjIrwbPykQRlTm+4d5kBWHPY7If7mXM= =/GZK -----END PGP SIGNATURE-----