[ubuntu/oracular-proposed] gnutls28 3.8.5-2ubuntu1 (Accepted)

Gianfranco Costamagna locutusofborg at debian.org
Tue May 14 10:10:16 UTC 2024 

gnutls28 (3.8.5-2ubuntu1) oracular; urgency=medium

  * Merge with Debian; remaining changes:
    - Enable CET.
    - Set default priority string to only allow TLS1.2, DTLS1.2, and
      TLS1.3 with medium security profile (2048 RSA keys minimum, and
      similar).
    - Forcefully disable TLS 1.0 and 1.1 through /etc/gnutls/config.
    - Forcefully disable DTLS 0.9 and 1.0 through /etc/gnutls/config.
    - Fix logic for i386 autopkgtest on an amd64 host
    - Don't run the testsuite under the influence of a configuration file.

gnutls28 (3.8.5-2) unstable; urgency=medium

  * Add 45_Revert_Add-option-to-disable-RSAES-PKCS1-v1_5.patch, reverting
    upstream commit 10ebc37e41343cb5b18ee9f0b8e2c45c3d83e8c7.
    Closes: #1068644

gnutls28 (3.8.5-1) unstable; urgency=medium

  * New upstream version, drop cherry-picked patch.
  * [lintian] B-d on pkgconf instead of pkg-config.

gnutls28 (3.8.4-2) unstable; urgency=medium

  * Cherry-pick from upstream git master:
    + 50_0001-gnutls_privkey_decrypt_data-don-t-free-plaintext-on-.patch
      (Regression in 3.8.4).
  * Upload to unstable.

gnutls28 (3.8.4-1) experimental; urgency=medium

  * New upstream version.
    + Fix side-channel in the deterministic ECDSA.
      Reported by George Pantelakis (#1516).
      [GNUTLS-SA-2023-12-04, CVSS: medium] [CVE-2024-28834]
      Closes: #1067464
    + libgnutls: Fixed a bug where certtool crashed when verifying a
      certificate chain with more than 16 certificates. Reported by William
      Woodruff (#1525) and yixiangzhike (#1527).
      [GNUTLS-SA-2024-01-23, CVSS: medium] [CVE-2024-28835] Closes: #1067463
    + Update copyright info.
    + Update symbol file.

Date: Tue, 14 May 2024 12:08:31 +0200
Changed-By: Gianfranco Costamagna <locutusofborg at debian.org>
Maintainer: Debian GnuTLS Maintainers <pkg-gnutls-maint at lists.alioth.debian.org>
https://launchpad.net/ubuntu/+source/gnutls28/3.8.5-2ubuntu1
-------------- next part --------------
Format: 1.8
Date: Tue, 14 May 2024 12:08:31 +0200
Source: gnutls28
Built-For-Profiles: noudeb
Architecture: source
Version: 3.8.5-2ubuntu1
Distribution: oracular
Urgency: medium
Maintainer: Debian GnuTLS Maintainers <pkg-gnutls-maint at lists.alioth.debian.org>
Changed-By: Gianfranco Costamagna <locutusofborg at debian.org>
Closes: 1067463 1067464 1068644
Changes:
 gnutls28 (3.8.5-2ubuntu1) oracular; urgency=medium
 .
   * Merge with Debian; remaining changes:
     - Enable CET.
     - Set default priority string to only allow TLS1.2, DTLS1.2, and
       TLS1.3 with medium security profile (2048 RSA keys minimum, and
       similar).
     - Forcefully disable TLS 1.0 and 1.1 through /etc/gnutls/config.
     - Forcefully disable DTLS 0.9 and 1.0 through /etc/gnutls/config.
     - Fix logic for i386 autopkgtest on an amd64 host
     - Don't run the testsuite under the influence of a configuration file.
 .
 gnutls28 (3.8.5-2) unstable; urgency=medium
 .
   * Add 45_Revert_Add-option-to-disable-RSAES-PKCS1-v1_5.patch, reverting
     upstream commit 10ebc37e41343cb5b18ee9f0b8e2c45c3d83e8c7.
     Closes: #1068644
 .
 gnutls28 (3.8.5-1) unstable; urgency=medium
 .
   * New upstream version, drop cherry-picked patch.
   * [lintian] B-d on pkgconf instead of pkg-config.
 .
 gnutls28 (3.8.4-2) unstable; urgency=medium
 .
   * Cherry-pick from upstream git master:
     + 50_0001-gnutls_privkey_decrypt_data-don-t-free-plaintext-on-.patch
       (Regression in 3.8.4).
   * Upload to unstable.
 .
 gnutls28 (3.8.4-1) experimental; urgency=medium
 .
   * New upstream version.
     + Fix side-channel in the deterministic ECDSA.
       Reported by George Pantelakis (#1516).
       [GNUTLS-SA-2023-12-04, CVSS: medium] [CVE-2024-28834]
       Closes: #1067464
     + libgnutls: Fixed a bug where certtool crashed when verifying a
       certificate chain with more than 16 certificates. Reported by William
       Woodruff (#1525) and yixiangzhike (#1527).
       [GNUTLS-SA-2024-01-23, CVSS: medium] [CVE-2024-28835] Closes: #1067463
     + Update copyright info.
     + Update symbol file.
Checksums-Sha1:
 bc3fc08d7df2cd1bfc52c3cbf720681c20a3a9ed 3296 gnutls28_3.8.5-2ubuntu1.dsc
 f8ea0a9fd1db428b53182070337b111e54185c2f 6491504 gnutls28_3.8.5.orig.tar.xz
 15fb09d0770ff828ad1915c8bbeec1818ba101f1 228 gnutls28_3.8.5.orig.tar.xz.asc
 37c382a978dc60e12f2223bcc5ffb917db86a08c 82552 gnutls28_3.8.5-2ubuntu1.debian.tar.xz
 e3b26c9ed2b58fcc9f468e31366879904d26b11c 9146 gnutls28_3.8.5-2ubuntu1_source.buildinfo
Checksums-Sha256:
 8d1454906734b7b63c38d5cb6d1cc185219707703fb405c6712b03c4d2cef2b7 3296 gnutls28_3.8.5-2ubuntu1.dsc
 66269a2cfe0e1c2dabec87bdbbd8ab656f396edd9a40dd006978e003cfa52bfc 6491504 gnutls28_3.8.5.orig.tar.xz
 d02c2bc3b994b3fc81f76663a0570c156f9dd299a2151f04fd3429eca6569f52 228 gnutls28_3.8.5.orig.tar.xz.asc
 99f0185c8ee782edea2a374cdad12bd55a92120a0fc2518eec2c13663b26fc41 82552 gnutls28_3.8.5-2ubuntu1.debian.tar.xz
 8190c5683f4f548561f8162a0025ebc4e920c8045d3b757f98859a8b125f82d9 9146 gnutls28_3.8.5-2ubuntu1_source.buildinfo
Files:
 098e5d42e581cae4adfbfdb680a2be6b 3296 libs optional gnutls28_3.8.5-2ubuntu1.dsc
 74b468201ef7e9035f78d44c3f0906c4 6491504 libs optional gnutls28_3.8.5.orig.tar.xz
 fa994f54ccf7baae2929c19dac9f17b7 228 libs optional gnutls28_3.8.5.orig.tar.xz.asc
 8488f1a10256ba1601d0ad56a4da16f2 82552 libs optional gnutls28_3.8.5-2ubuntu1.debian.tar.xz
 31d93901cf4ae3bcf0ae5df1539cde74 9146 libs optional gnutls28_3.8.5-2ubuntu1_source.buildinfo

More information about the oracular-changes mailing list