Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <dispatch@tracker.debian.org> , <debian-lts-changes@lists.debian.org>
Subject: Accepted gnutls28 3.7.1-5+deb11u8 (source) into oldstable-security
Date: Sat, 09 Aug 2025 07:00:21 +0000
Signed by: Adrian Bunk <bunk@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 08 Aug 2025 14:02:50 +0300
Source: gnutls28
Architecture: source
Version: 3.7.1-5+deb11u8
Distribution: bullseye-security
Urgency: medium
Maintainer: Debian GnuTLS Maintainers <pkg-gnutls-maint@lists.alioth.debian.org>
Changed-By: Adrian Bunk <bunk@debian.org>
Changes:
 gnutls28 (3.7.1-5+deb11u8) bullseye-security; urgency=medium
 .
   * Non-maintainer upload by the LTS Team.
   * CVE-2025-6395: NULL dereference when 2nd Client Hello omits PSK
   * CVE-2025-32988: Double-free upon error when exporting otherName in SAN
   * CVE-2025-32990: 1-byte write buffer overrun in certtool
Checksums-Sha1:
 39bae995e0e12a33602316957102e27f6bb9b8a6 3522 gnutls28_3.7.1-5+deb11u8.dsc
 5de5d25534ee5910ea9ee6aaeeb6af1af4350c1e 6038388 gnutls28_3.7.1.orig.tar.xz
 8c2c3aabe289987bbe51ddc1ad4a42558683ca66 854 gnutls28_3.7.1.orig.tar.xz.asc
 04129cc967a8fdc6d7ddb05055527586c85789cb 119824 gnutls28_3.7.1-5+deb11u8.debian.tar.xz
Checksums-Sha256:
 c3f51e97ea6488c9b512067ad333d124739ceeba5f92003eacf85cbf94a098d3 3522 gnutls28_3.7.1-5+deb11u8.dsc
 3777d7963eca5e06eb315686163b7b3f5045e2baac5e54e038ace9835e5cac6f 6038388 gnutls28_3.7.1.orig.tar.xz
 13a683b12602c169a7ad7827ab0e3f35c8fa1f98675d0073cf7d54a8cd635582 854 gnutls28_3.7.1.orig.tar.xz.asc
 095475aa4bb4c400ea5058057a7192fa8096d83591bffeac865c8bc7d24a1a13 119824 gnutls28_3.7.1-5+deb11u8.debian.tar.xz
Files:
 629c55ad16666bb49d56705fa79e26cb 3522 libs optional gnutls28_3.7.1-5+deb11u8.dsc
 278e1f50d79cd13727733adbf01fde8f 6038388 libs optional gnutls28_3.7.1.orig.tar.xz
 590c9d64f7d8ee77671cdb9547f5edaf 854 libs optional gnutls28_3.7.1.orig.tar.xz.asc
 d8daf4e122d05e6709e7826d982b24d8 119824 libs optional gnutls28_3.7.1-5+deb11u8.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmiW7b8ACgkQiNJCh6LY
mLFUvw//cFdifgvtg1KDDLWOFT4IFJKW3DKnxjawfvWoGm4uGidSjZCFgBN8sOYH
AvuIi0zne2DQbj7nCzHOV5iuAINOzw58rxAC1L8svkth0FrtYRFxTCsXZHWgxom3
zQOc8MyJ73tFRzqCXNhcxHS5Soo1k0R401Zg1+UkZaaphCCrdva+2wFmcae5GF8z
/x49o6eqyNBIlnwPGDqTKeQDABNRWI3hQYDJJHYnR2kMU33v3nGAaXHjO3R9/7JH
uSNXeRS55PD5+57kS/f7q0066BRFUzJsx+n3VCbSEx2P+CMR5R7KEPhALwytoWif
t15TvqXVF1CPc/lORiS9z9LoOzqyqc96IFomkBbe3Bop8qT6BhYO4Acya+WLapuR
eyKcEb5ODxoR6/y/TClXiUevD7C42yf+9q5PffNRWpnkN+V9c54RDbCbf6a0Caas
zll4AIDyqq6OxAzmn2Juv/1TAZheh/HVt76I2VpQ8h+5sDX2uu7Vx0Kwj7FHiuzb
PwPW2ocHMCjGJ6HiEBFlBe9Y90poZesWIqBaipC6wMQju6/bxi8osv3QyFuaUtrA
Vuyw9ErNeNknuMq2z4OgyMu9VzKm55X4mYHlHdUDHi8J5dr2Do8zU2htq8fEm+mt
P/Pd/rSzdcbQ0QfzuEGRnYYyueyuFTwQfd7TTAA1LZQqdj27nVI=
=8cTM
-----END PGP SIGNATURE-----

News for package gnutls28