Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <>
Subject: Accepted gnutls28 3.8.9-3+deb13u4 (source) into stable-security
Date: Tue, 19 May 2026 20:37:25 +0000
Signed by: Andreas Metzler <ametzler@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 10 May 2026 13:15:39 +0200
Source: gnutls28
Architecture: source
Version: 3.8.9-3+deb13u4
Distribution: trixie-security
Urgency: high
Maintainer: Debian GnuTLS Maintainers <pkg-gnutls-maint@lists.alioth.debian.org>
Changed-By: Andreas Metzler <ametzler@debian.org>
Closes: 1135319
Changes:
 gnutls28 (3.8.9-3+deb13u4) trixie-security; urgency=high
 .
   * Add 3.8.13 patchset from CentOS 10 security release.
     Fixes
     CVE-2026-33846
     CVE-2026-42009
     CVE-2026-33845
     CVE-2026-42010
     CVE-2026-3833
     CVE-2026-42011
     CVE-2026-42012
     CVE-2026-42013
     CVE-2026-42014
     CVE-2026-5260
     CVE-2026-42015
     CVE-2026-3832
     CVE-2026-5419
     and also adds a couple of fixes for issues without CVEs assigned.
     (For Debian base64-encode a testfile, quilt does not support git binary
     patches.)
     Closes: #1135319
   * Drop patches irrelevant for 3.8.9 from the CentOS patchset.
     The PKCS#11 [provider] feature was only added in 3.8.10.
   * Cherry-pick another patch to add a mising declaration.
Checksums-Sha1: 
 d951d114b353d17ccd1a10cd7eb950d63582e11c 3271 gnutls28_3.8.9-3+deb13u4.dsc
 64963c11663d6384123657509dbaa0556e6122c7 140880 gnutls28_3.8.9-3+deb13u4.debian.tar.xz
Checksums-Sha256: 
 f1153e91212bdf60acf66cb62713ad4ed577f2e85f578a04df31a5619624c1e1 3271 gnutls28_3.8.9-3+deb13u4.dsc
 f0b9c7d182072f0bbdb281304686aa6e2bfd343dadefa432ec4dab4893e9841f 140880 gnutls28_3.8.9-3+deb13u4.debian.tar.xz
Files: 
 7774b56b8516eeb053bb6fb808035c6b 3271 libs optional gnutls28_3.8.9-3+deb13u4.dsc
 38f664bc59e3bb4ad032ed55b09c6b97 140880 libs optional gnutls28_3.8.9-3+deb13u4.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE0uCSA5741Jbt9PpepU8BhUOCFIQFAmoAcdoACgkQpU8BhUOC
FIQJDw//cvNX/dy1RBPcMf4wcBmkAc3FFA7BXMb7gvGfOpwmFui0v0bnnowNxd7Y
VLYVmvBD4cJSDV9Vo8E1ZW9q+fNkrEdNGvH1xJ0onxmqlk5YnGpVPVvD00WX63z0
cFrl0wWGlcP+Xhp16XxfDt+f5zz9QVVcyAodinMiqck58FVVfpQpiNAZpL+fLjPF
xei8Fa3n7jK+u+0PPR9oYHaD5vZ6IfQdoy8Ajk377J0l9+T1eMVnzLqYBW8oeNAL
MWaM97at/CKRYIOTKR+xYPc7LeqIKTUyQYfcS/I0MbPN3veJjeHOhl1P/H9t/1P9
Iten6zX+25eQ5t10zrvdoNkSYPY5WFsGYdq9aSjn9mMr7gGVS+IKUelG+Ps7WS5o
uMKGCL4YZbMIh75VRG4eploOGJU4TuKXL4ouvADZ6be2ibRicWxjxuw4lj2peqHU
9R/ZXK+pV90nkkGUj5Jwq2ul7XixuQgRDlzuyppC/1lad6X1fDf3wkSKWQNrb377
VlNqnwbZuWFbQ4w1PmkmlDRSFAKjxoQZvSdGkgyGoJ1CR9z7Jngxh0pUeHX6A1iG
rqZPbq3/UMrDzKfFWAy7UqXT8XwuNFvHqpfcNI1brV8ezHK+nniwlcDXT185+89t
HRU0Uqbf0/boMI9GyVnWQONsAoUuG0KFay4L1so79OBG5oW+ViU=
=EpDD
-----END PGP SIGNATURE-----

News for package gnutls28