Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-changes@lists.debian.org>
Subject: Accepted gnutls28 3.7.9-2+deb12u2 (source) into proposed-updates
Date: Wed, 31 Jan 2024 10:03:27 +0000
Signed by: Andreas Metzler <ametzler@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 19 Jan 2024 18:28:37 +0100
Source: gnutls28
Architecture: source
Version: 3.7.9-2+deb12u2
Distribution: bookworm
Urgency: medium
Maintainer: Debian GnuTLS Maintainers <pkg-gnutls-maint@lists.alioth.debian.org>
Changed-By: Andreas Metzler <ametzler@debian.org>
Closes: 1061045 1061046
Changes:
 gnutls28 (3.7.9-2+deb12u2) bookworm; urgency=medium
 .
   * Cherrypick two CVE fixes from 3.8.3:
     Fix assertion failure when verifying a certificate chain with a cycle of
     cross signatures. CVE-2024-0567 GNUTLS-SA-2024-01-09 Closes: #1061045
     Fix more timing side-channel inside RSA-PSK key exchange. CVE-2024-0553
     GNUTLS-SA-2024-01-14 Closes: #1061046
Checksums-Sha1: 
 8f309cf26cefeaf059bbded7ef046f474f52e44c 3418 gnutls28_3.7.9-2+deb12u2.dsc
 c09b542ada0db576ac8c236decdd15313ed2e063 91608 gnutls28_3.7.9-2+deb12u2.debian.tar.xz
Checksums-Sha256: 
 c0e6970da7ddd77a17b9062b16f46b218eef862e36270b63f7f38cedff7a7b85 3418 gnutls28_3.7.9-2+deb12u2.dsc
 f9ad7b1bccc64c14ab076a6cf7ba9a8064e63d1dbb3a552dcfbba533a128490e 91608 gnutls28_3.7.9-2+deb12u2.debian.tar.xz
Files: 
 8c13e88846afb59cdd9024cc6e4e5fad 3418 libs optional gnutls28_3.7.9-2+deb12u2.dsc
 415e3d6f696722c06cc6db1c986e36f1 91608 libs optional gnutls28_3.7.9-2+deb12u2.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE0uCSA5741Jbt9PpepU8BhUOCFIQFAmWrbUkACgkQpU8BhUOC
FISVug//W9LqKMBglhNe/RJx/Lu/o/y2C7BKHiY5+Rua7IUQ98wRsQ+Q/xf9Zu1B
hSLJRg03EIjdsCw0M9h14GwsKem9Ko7yr5t38N7CLqTKTfGXnOPAwSsHdCtVkgSR
obaMLKKHgSMBxXVGW3P/B7n0hXu0uKedyycca45ZkA+H5aTxbu9dX3mEPNkijHJf
iV03KibnT9xf7SXac1Y5YpfSjBwgSCNX3RnIaZ5z6NsOcyPNS7A+/Zc5DCpgTS/R
CTQlosxYUmj5KVrKrgNgOj5lm/6HPQQZe30UIkfqIvarW00NJA4bwIZIu6yVQi/j
yBCrhlokzt0QcfJTf6bANvS/A+eSAr2DPPTEiCt97Yo90RbZ9DZ6qC2wS+59eV55
PGciLxKIlc1I9BRgZGa3+zMXNGjIc7TlJmX8X6MLYgX8PJRH1nikftPFQ19L0igc
fhGqplzZhEVAODZlQnxzDtbgYxE8ZNNY8C33rFcGbpRVQyuJHISUpyUFnyo+f4PH
Px3/J08BVHpx61GmcSzV/20fS+WG549tcpo7QVmUOIb/heMCVmCfWAB77Fx8cFu6
Hp9pJK298D1058MPaMKbFGAjtPWHQbTqr3iVGpNIaUcmGlmKz52gz79a8D85i2V+
/oAphe/wvVjN4l7WvFE4Le7si63CLAuEyGVxhJHbVM5p8Y3I2Ws=
=U2td
-----END PGP SIGNATURE-----

News for package gnutls28