-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 15 Jun 2024 13:22:35 +0200
Source: gnutls28
Binary: gnutls-bin gnutls-bin-dbgsym guile-gnutls guile-gnutls-dbgsym libgnutls-dane0 libgnutls-dane0-dbgsym libgnutls-openssl27 libgnutls-openssl27-dbgsym libgnutls28-dev libgnutls30 libgnutls30-dbgsym libgnutlsxx30 libgnutlsxx30-dbgsym
Architecture: amd64
Version: 3.7.9-2+deb12u3
Distribution: bookworm
Urgency: medium
Maintainer: amd64 / i386 Build Daemon (x86-csail-01) <buildd_amd64-x86-csail-01@buildd.debian.org>
Changed-By: Andreas Metzler <ametzler@debian.org>
Description:
 gnutls-bin - GNU TLS library - commandline utilities
 guile-gnutls - GNU TLS library - GNU Guile bindings
 libgnutls-dane0 - GNU TLS library - DANE security support
 libgnutls-openssl27 - GNU TLS library - OpenSSL wrapper
 libgnutls28-dev - GNU TLS library - development files
 libgnutls30 - GNU TLS library - main runtime library
 libgnutlsxx30 - GNU TLS library - C++ runtime library
Closes: 1067463 1067464
Changes:
 gnutls28 (3.7.9-2+deb12u3) bookworm; urgency=medium
 .
   * Update to 3.7.11:
     + Replace 60-auth-rsa_psk-side-step-potential-side-channel.patch
       61-x509-detect-loop-in-certificate-chain.patch
       62-rsa-psk-minimize-branching-after-decryption.patch with versions from
       gnutls_3_7_x branch instead of manual backports from 3.8.x.
     + Add 53-fips-fix-checking-on-hash-algorithm-used-in-ECDSA.patch (Fix
       checking on hash algorithm used in ECDSA in FIPS mode) and
       54-fips-mark-composite-signature-API-not-approved.patch (Mark composite
       signature API non-approved in FIPS mode.) to allow
       straight cherry-picking of later patches.
     + 63_01-gnutls_x509_trust_list_verify_crt2-remove-length-lim.patch
       libgnutls: Fixed a bug where certtool crashed when verifying a
       certificate chain with more than 16 certificates. Reported by William
       Woodruff (#1525) and yixiangzhike (#1527).  [GNUTLS-SA-2024-01-23, CVSS:
       medium] [CVE-2024-28835] Closes: #1067463
     + 63_02-nettle-avoid-normalization-of-mpz_t-in-deterministic.patch
       libgnutls: Fix side-channel in the deterministic ECDSA.
       Reported by George Pantelakis (#1516).  [GNUTLS-SA-2023-12-04, CVSS:
       medium] [CVE-2024-28834] Closes: #1067464
     + 63_03-serv-fix-memleak-when-a-connected-client-disappears.patch
       Fix a memleak in gnutls-serv when a connected client disappears.
     + 63_04-lib-fix-a-segfault-in-_gnutls13_recv_end_of_early_da.patch
       Fix a segfault in _gnutls13_recv_end_of_early_data().
     + 63_05-lib-fix-a-potential-segfault-in-_gnutls13_recv_finis.patch
       Fix a potential segfault in _gnutls13_recv_finished().
Checksums-Sha1:
 75a27ec5b74b74b20e8e61c32a9a72a074629c36 893544 gnutls-bin-dbgsym_3.7.9-2+deb12u3_amd64.deb
 498d6134a4d7e056eda4bfb48af802c3c32b80f1 639824 gnutls-bin_3.7.9-2+deb12u3_amd64.deb
 fd8b170069b34efe52880bf8573fa176f47eb37f 11221 gnutls28_3.7.9-2+deb12u3_amd64-buildd.buildinfo
 f34b2391472d1b33d6d725e5baa9d43f10efbc2f 258252 guile-gnutls-dbgsym_3.7.9-2+deb12u3_amd64.deb
 79f9f918c78368b5076b67de5b9269e0d2f2ee45 462540 guile-gnutls_3.7.9-2+deb12u3_amd64.deb
 d9dcdbbe9910a30f9143d4425425734362b738be 91956 libgnutls-dane0-dbgsym_3.7.9-2+deb12u3_amd64.deb
 fe23e414c0726b4286b9bb4cecd1ae034f0d4bf4 406484 libgnutls-dane0_3.7.9-2+deb12u3_amd64.deb
 ce31aeb2cfa59e0dc0a8d4b4adaf3104e7dced13 92304 libgnutls-openssl27-dbgsym_3.7.9-2+deb12u3_amd64.deb
 abd99aff4cdf2fe3dbf5dc6d5b9f72dc03f1badc 406424 libgnutls-openssl27_3.7.9-2+deb12u3_amd64.deb
 28ee03968bd951722bd9a27fe2aef03d89e73351 1352432 libgnutls28-dev_3.7.9-2+deb12u3_amd64.deb
 f808e2ff2eac092feba138a234d3a8b4930528d3 2110676 libgnutls30-dbgsym_3.7.9-2+deb12u3_amd64.deb
 cbbbf535b615b3cd3db722b9c876600200381b3b 1404688 libgnutls30_3.7.9-2+deb12u3_amd64.deb
 0bb09aa4fa6890c536433731b171ac81de53209a 49740 libgnutlsxx30-dbgsym_3.7.9-2+deb12u3_amd64.deb
 5cd11b4ba3e48b079bf9109a4279a63730e030fe 14508 libgnutlsxx30_3.7.9-2+deb12u3_amd64.deb
Checksums-Sha256:
 2bfc4118fa9c7348db15681b94e0fd9b68bccfdcce2b0c5de7bd97df5aabf3dc 893544 gnutls-bin-dbgsym_3.7.9-2+deb12u3_amd64.deb
 05016df07b88752d0be6dc1e8205a4c2c25716a0681773b6a380993d9ac2a319 639824 gnutls-bin_3.7.9-2+deb12u3_amd64.deb
 a8bfb7b1f7f123a9a382a93a0956ea4362a40c7bb959ad0f5dd9917fbff4c32b 11221 gnutls28_3.7.9-2+deb12u3_amd64-buildd.buildinfo
 ac2c0b5b9b8107d82b932f981470c87990a17c3d841899967984c919ea28693d 258252 guile-gnutls-dbgsym_3.7.9-2+deb12u3_amd64.deb
 9f0335bf628f9a1016da7a2b6d8302bf96ab1bb4f2c3d8d86d9f44c6c3716672 462540 guile-gnutls_3.7.9-2+deb12u3_amd64.deb
 4226b7de27a2a04237622d0e2358aec9eae14658d8f03dda382f25d8473ce7b7 91956 libgnutls-dane0-dbgsym_3.7.9-2+deb12u3_amd64.deb
 cf949f3e89cb156b54e14892adf6ccf1132bb727f3ae37c016069460c167f868 406484 libgnutls-dane0_3.7.9-2+deb12u3_amd64.deb
 6e4eccc3c1f108053ee49ac230cb00ee75356d1df3e62b94310527cb92939c05 92304 libgnutls-openssl27-dbgsym_3.7.9-2+deb12u3_amd64.deb
 1425f508050ccecd0c3742903734b26cebbe7cfd359dc1ec0e36e5dd8e5af527 406424 libgnutls-openssl27_3.7.9-2+deb12u3_amd64.deb
 4211f87849e630a581508606139d057b9b8af405dcab7d3d55f9950c1bd43002 1352432 libgnutls28-dev_3.7.9-2+deb12u3_amd64.deb
 0f2c17f26caffe4679da8eac67ad7732591e652c2d5e0cfa695c31dbaa907309 2110676 libgnutls30-dbgsym_3.7.9-2+deb12u3_amd64.deb
 cee417d4107bbe94ddcc124524366ea675e89d106b70969a7d508ef26e92a713 1404688 libgnutls30_3.7.9-2+deb12u3_amd64.deb
 a25e6fd8b11b5dd3db843d74d8442861bedb8a073aad378eb00e0f1bb8c6d2be 49740 libgnutlsxx30-dbgsym_3.7.9-2+deb12u3_amd64.deb
 0f6778eb954e4433edabfc3a649e3a6eeb38fb4feb6a50c736aaf88fe80de22a 14508 libgnutlsxx30_3.7.9-2+deb12u3_amd64.deb
Files:
 7feba91c04350994de345b5bbd6eeefa 893544 debug optional gnutls-bin-dbgsym_3.7.9-2+deb12u3_amd64.deb
 2a44c253e32540dc1a23b8592ba22486 639824 net optional gnutls-bin_3.7.9-2+deb12u3_amd64.deb
 f3dcd4c1f4e81a29eb9226cc94766015 11221 libs optional gnutls28_3.7.9-2+deb12u3_amd64-buildd.buildinfo
 7bfe3ade1c7e54ca99e19e1b5526d004 258252 debug optional guile-gnutls-dbgsym_3.7.9-2+deb12u3_amd64.deb
 18842b59aa7d27e88b8133fceed52d30 462540 lisp optional guile-gnutls_3.7.9-2+deb12u3_amd64.deb
 de2f85818c8a7dca477523803737b1c9 91956 debug optional libgnutls-dane0-dbgsym_3.7.9-2+deb12u3_amd64.deb
 6d81d923af6e82e1c64b338e5238d57a 406484 libs optional libgnutls-dane0_3.7.9-2+deb12u3_amd64.deb
 2ac15cd967618ebe544d0f6ac364a5be 92304 debug optional libgnutls-openssl27-dbgsym_3.7.9-2+deb12u3_amd64.deb
 67a24c0c7a755142711e351f750f2dd7 406424 libs optional libgnutls-openssl27_3.7.9-2+deb12u3_amd64.deb
 5efa104118d961f45905ddcbfbbddab8 1352432 libdevel optional libgnutls28-dev_3.7.9-2+deb12u3_amd64.deb
 7b793a7b121ac8b24abf911927a86c1f 2110676 debug optional libgnutls30-dbgsym_3.7.9-2+deb12u3_amd64.deb
 70939e1ee83d0a50027417006972029e 1404688 libs optional libgnutls30_3.7.9-2+deb12u3_amd64.deb
 f5435046a06b9f1d61f09b569663f411 49740 debug optional libgnutlsxx30-dbgsym_3.7.9-2+deb12u3_amd64.deb
 7ac8da1f8a3c033d86b359efaf882023 14508 libs optional libgnutlsxx30_3.7.9-2+deb12u3_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEvy6d65NNYPbL6IQIEQ1nooK/IAQFAmZvVToACgkQEQ1nooK/
IAQMSA/+OMWfuvXzBPmK4rLhrzb1yFH8mL0ScTx+9y5096VK0hh2B/8TmaOtyPCh
xhTjBQn1Gg1t0qmoGj3qn98H9/bwRQltzmCKmKkKpAK6lcnKU2wOH7l1jzy8INCH
ILqvBGKd2ijEQCZE5mrR3l0aYJamQH7WT6e6saC1KR8Yo3RvVwNoi3DEkoxfSi9n
I1HUdq5/fbdeSkTX2C0iW8+L3qR7U/7yCd9ZyqK3y/EmpqWNFFL0lbNLT+is+fCg
cZzwq4le9LG046gng+AaEfy1cKbKRcgd9HPWVoTghJlleieOhdfNYtdvU7NIu6Qh
nD3zoJgDgCO03q4AWlM5fJ+cmYE2YjPmM2pnSUy8M9uX2XGw+CIl9cOgTNCoKf0Q
HuJfGHlAhgXycLh5Pqg6rZ9k98dwTup0rveVxcYDoqcxwXWcCrtg3V5n9UgZP4Fq
ueJ+Cadn0h05NFLvCcWCXtvLoTCzjZb4icA7Q9uQIPUKh3KpOkZCyKVzOJTiTAvm
niYMYrT6wo1b6oNyyqUwC4iVXJpSsO7vjnYcQljwdBBT4B3xaI3CKYfuA+O0hqfa
GyQOLLGNg9xQhAPBRZ0cTXV6LEybNqjJ9bVswJQQh2HY+aqVwLt1etvFYJOKnPNQ
NhdBRFB7gF78lICo7FtROC9HiUvbMj64AmgBfTcItyH4lwvwivs=
=XlMu
-----END PGP SIGNATURE-----