-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 08 Aug 2025 14:02:50 +0300 Source: gnutls28 Architecture: source Version: 3.7.1-5+deb11u8 Distribution: bullseye-security Urgency: medium Maintainer: Debian GnuTLS Maintainers <pkg-gnutls-maint@lists.alioth.debian.org> Changed-By: Adrian Bunk <bunk@debian.org> Changes: gnutls28 (3.7.1-5+deb11u8) bullseye-security; urgency=medium . * Non-maintainer upload by the LTS Team. * CVE-2025-6395: NULL dereference when 2nd Client Hello omits PSK * CVE-2025-32988: Double-free upon error when exporting otherName in SAN * CVE-2025-32990: 1-byte write buffer overrun in certtool Checksums-Sha1: 39bae995e0e12a33602316957102e27f6bb9b8a6 3522 gnutls28_3.7.1-5+deb11u8.dsc 5de5d25534ee5910ea9ee6aaeeb6af1af4350c1e 6038388 gnutls28_3.7.1.orig.tar.xz 8c2c3aabe289987bbe51ddc1ad4a42558683ca66 854 gnutls28_3.7.1.orig.tar.xz.asc 04129cc967a8fdc6d7ddb05055527586c85789cb 119824 gnutls28_3.7.1-5+deb11u8.debian.tar.xz Checksums-Sha256: c3f51e97ea6488c9b512067ad333d124739ceeba5f92003eacf85cbf94a098d3 3522 gnutls28_3.7.1-5+deb11u8.dsc 3777d7963eca5e06eb315686163b7b3f5045e2baac5e54e038ace9835e5cac6f 6038388 gnutls28_3.7.1.orig.tar.xz 13a683b12602c169a7ad7827ab0e3f35c8fa1f98675d0073cf7d54a8cd635582 854 gnutls28_3.7.1.orig.tar.xz.asc 095475aa4bb4c400ea5058057a7192fa8096d83591bffeac865c8bc7d24a1a13 119824 gnutls28_3.7.1-5+deb11u8.debian.tar.xz Files: 629c55ad16666bb49d56705fa79e26cb 3522 libs optional gnutls28_3.7.1-5+deb11u8.dsc 278e1f50d79cd13727733adbf01fde8f 6038388 libs optional gnutls28_3.7.1.orig.tar.xz 590c9d64f7d8ee77671cdb9547f5edaf 854 libs optional gnutls28_3.7.1.orig.tar.xz.asc d8daf4e122d05e6709e7826d982b24d8 119824 libs optional gnutls28_3.7.1-5+deb11u8.debian.tar.xz -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmiW7b8ACgkQiNJCh6LY mLFUvw//cFdifgvtg1KDDLWOFT4IFJKW3DKnxjawfvWoGm4uGidSjZCFgBN8sOYH AvuIi0zne2DQbj7nCzHOV5iuAINOzw58rxAC1L8svkth0FrtYRFxTCsXZHWgxom3 zQOc8MyJ73tFRzqCXNhcxHS5Soo1k0R401Zg1+UkZaaphCCrdva+2wFmcae5GF8z /x49o6eqyNBIlnwPGDqTKeQDABNRWI3hQYDJJHYnR2kMU33v3nGAaXHjO3R9/7JH uSNXeRS55PD5+57kS/f7q0066BRFUzJsx+n3VCbSEx2P+CMR5R7KEPhALwytoWif t15TvqXVF1CPc/lORiS9z9LoOzqyqc96IFomkBbe3Bop8qT6BhYO4Acya+WLapuR eyKcEb5ODxoR6/y/TClXiUevD7C42yf+9q5PffNRWpnkN+V9c54RDbCbf6a0Caas zll4AIDyqq6OxAzmn2Juv/1TAZheh/HVt76I2VpQ8h+5sDX2uu7Vx0Kwj7FHiuzb PwPW2ocHMCjGJ6HiEBFlBe9Y90poZesWIqBaipC6wMQju6/bxi8osv3QyFuaUtrA Vuyw9ErNeNknuMq2z4OgyMu9VzKm55X4mYHlHdUDHi8J5dr2Do8zU2htq8fEm+mt P/Pd/rSzdcbQ0QfzuEGRnYYyueyuFTwQfd7TTAA1LZQqdj27nVI= =8cTM -----END PGP SIGNATURE-----