Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-changes@lists.debian.org>
Subject: Accepted gnutls28 3.6.7-4+deb10u3 (source) into proposed-updates->stable-new, proposed-updates
Date: Tue, 07 Apr 2020 20:23:21 +0000
Signed by: Salvatore Bonaccorso <carnil@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 03 Apr 2020 21:31:50 +0200
Source: gnutls28
Architecture: source
Version: 3.6.7-4+deb10u3
Distribution: buster-security
Urgency: high
Maintainer: Debian GnuTLS Maintainers <pkg-gnutls-maint@lists.alioth.debian.org>
Changed-By: Salvatore Bonaccorso <carnil@debian.org>
Closes: 955556
Changes:
 gnutls28 (3.6.7-4+deb10u3) buster-security; urgency=high
 .
   * Non-maintainer upload by the Security Team.
   * GNUTLS-SA-2020-03-31: dtls client hello: fix zeroed random
     (CVE-2020-11501)
     Fix a DTLS-protocol regression (caused by TLS1.3 support), since
     3.6.3. The DTLS client would not contribute any randomness to the
     DTLS negotiation, breaking the security guarantees of the DTLS
     protocol. (Closes: #955556)
Checksums-Sha1: 
 a48299072fa967371a1f547d47f161f797f17926 3509 gnutls28_3.6.7-4+deb10u3.dsc
 71f73b9829e44c947bb668b25b8b2e594a065345 8153728 gnutls28_3.6.7.orig.tar.xz
 5911d8f00c70e65d27f8d5244c37ae3b04b6cae7 534 gnutls28_3.6.7.orig.tar.xz.asc
 625fc3e603d450eae1df163efac45d193f4eb4db 77948 gnutls28_3.6.7-4+deb10u3.debian.tar.xz
Checksums-Sha256: 
 a5acd2ff3e275baabbe42f949f9ce365e9fd53ea4a14a306be395dae2a7589d5 3509 gnutls28_3.6.7-4+deb10u3.dsc
 5b3409ad5aaf239808730d1ee12fdcd148c0be00262c7edf157af655a8a188e2 8153728 gnutls28_3.6.7.orig.tar.xz
 a14d0a7b9295b65ae797a70f8e765024a2e363dca03d008bfce0aec2b3f292b0 534 gnutls28_3.6.7.orig.tar.xz.asc
 cd03a0f7f16b7bdff8b7ecd0ebccd6c51b2ba6615df88de4a63a87bd47a8998e 77948 gnutls28_3.6.7-4+deb10u3.debian.tar.xz
Files: 
 fc6bb5a1516962ce8c85ba7e6040d105 3509 libs optional gnutls28_3.6.7-4+deb10u3.dsc
 c4ac669c500df939d4fbfea722367929 8153728 libs optional gnutls28_3.6.7.orig.tar.xz
 13b4d4d680c451c29129191ae9250529 534 libs optional gnutls28_3.6.7.orig.tar.xz.asc
 7c92fc403d229f57df9694ff5695dd0e 77948 libs optional gnutls28_3.6.7-4+deb10u3.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAl6HrNhfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89EttgP/RjU/TAWadUQAZuvAhEOBo9LhJELb2Jy
BC64YFkq/vC0DSd2N+yYQ/SiLOWkNNFrnPhYRaanysroZCnXOyQhP5ESM9pLp9DE
KWH8oLwAJac48VjfFLXrchoP0cH3b1vZYVtK76PKjtTCoaroeVJRARkDLp2e20GT
ZyNO6/74I/eSRdLydUeCSL0w7yoSviHSPCDctFhL/m3g3VFLc/ZAHTo1xnniEHAB
J0BZnZ6QcrKdRTZ6ZdeSGxqyhEQT+IWQhiLHRudY2gZiavsredd88GU0nnpu3cg+
PeuwR2ZEmHkg8F+qOnlpgK0bIzmJg6ucgey5rtLETWq1vSzOBGiDWAxcFUBUuZHl
z6BBFkvzSO1N7OPDwBpcM7CvohvKhNNb/9Stzkg2tcEIh/2divy73yBfCdLJ8ra2
B/WnN7VXQnhHoTsovhN/2IeZKexBNLjFoWYZIXMHIVPZ1zWPR4Ger6PQQHK3Q2FW
OgvBb4u7BbS6p9rylZNeCSwH7MSyZ1DCGd1O8OTnviGwckrskEJPT0y0lxLYe501
U2koHJ6NV8WWE1cAoUSpse+HFuf82Rn112B3YtfquVpxfzsq6GYClZl9c60wH47B
/0UyG8qVXesIQnrUF94oQRe03h5rRB90XdlFAMhctL/B6UPfAYJeWpZY5q5sfbRr
y0DK5Cf2Te7D
=vYBx
-----END PGP SIGNATURE-----

News for package gnutls28