-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 15 Jun 2024 13:22:35 +0200
Source: gnutls28
Binary: gnutls-bin gnutls-bin-dbgsym guile-gnutls guile-gnutls-dbgsym libgnutls-dane0 libgnutls-dane0-dbgsym libgnutls-openssl27 libgnutls-openssl27-dbgsym libgnutls28-dev libgnutls30 libgnutls30-dbgsym libgnutlsxx30 libgnutlsxx30-dbgsym
Architecture: i386
Version: 3.7.9-2+deb12u3
Distribution: bookworm
Urgency: medium
Maintainer: all / amd64 / i386 Build Daemon (x86-conova-02) <buildd_amd64-x86-conova-02@buildd.debian.org>
Changed-By: Andreas Metzler <ametzler@debian.org>
Description:
 gnutls-bin - GNU TLS library - commandline utilities
 guile-gnutls - GNU TLS library - GNU Guile bindings
 libgnutls-dane0 - GNU TLS library - DANE security support
 libgnutls-openssl27 - GNU TLS library - OpenSSL wrapper
 libgnutls28-dev - GNU TLS library - development files
 libgnutls30 - GNU TLS library - main runtime library
 libgnutlsxx30 - GNU TLS library - C++ runtime library
Closes: 1067463 1067464
Changes:
 gnutls28 (3.7.9-2+deb12u3) bookworm; urgency=medium
 .
   * Update to 3.7.11:
     + Replace 60-auth-rsa_psk-side-step-potential-side-channel.patch
       61-x509-detect-loop-in-certificate-chain.patch
       62-rsa-psk-minimize-branching-after-decryption.patch with versions from
       gnutls_3_7_x branch instead of manual backports from 3.8.x.
     + Add 53-fips-fix-checking-on-hash-algorithm-used-in-ECDSA.patch (Fix
       checking on hash algorithm used in ECDSA in FIPS mode) and
       54-fips-mark-composite-signature-API-not-approved.patch (Mark composite
       signature API non-approved in FIPS mode.) to allow
       straight cherry-picking of later patches.
     + 63_01-gnutls_x509_trust_list_verify_crt2-remove-length-lim.patch
       libgnutls: Fixed a bug where certtool crashed when verifying a
       certificate chain with more than 16 certificates. Reported by William
       Woodruff (#1525) and yixiangzhike (#1527).  [GNUTLS-SA-2024-01-23, CVSS:
       medium] [CVE-2024-28835] Closes: #1067463
     + 63_02-nettle-avoid-normalization-of-mpz_t-in-deterministic.patch
       libgnutls: Fix side-channel in the deterministic ECDSA.
       Reported by George Pantelakis (#1516).  [GNUTLS-SA-2023-12-04, CVSS:
       medium] [CVE-2024-28834] Closes: #1067464
     + 63_03-serv-fix-memleak-when-a-connected-client-disappears.patch
       Fix a memleak in gnutls-serv when a connected client disappears.
     + 63_04-lib-fix-a-segfault-in-_gnutls13_recv_end_of_early_da.patch
       Fix a segfault in _gnutls13_recv_end_of_early_data().
     + 63_05-lib-fix-a-potential-segfault-in-_gnutls13_recv_finis.patch
       Fix a potential segfault in _gnutls13_recv_finished().
Checksums-Sha1:
 ac71c7326d0466c2f976ae099e149c7cc044e526 797776 gnutls-bin-dbgsym_3.7.9-2+deb12u3_i386.deb
 df84cf601f267cf5e2c83facff7290a310bc01cb 645504 gnutls-bin_3.7.9-2+deb12u3_i386.deb
 17939b19ba6e8fc186851f9e196281794d9efd75 11128 gnutls28_3.7.9-2+deb12u3_i386-buildd.buildinfo
 44929217db496f5e7b9b8fcc79fe6e7df1727af2 242032 guile-gnutls-dbgsym_3.7.9-2+deb12u3_i386.deb
 8fc3dbeee4943f5b5c5eaea56880434e8405415d 463452 guile-gnutls_3.7.9-2+deb12u3_i386.deb
 6262f8dcab2bcd8ad5e67c115bccc9349727e05a 83864 libgnutls-dane0-dbgsym_3.7.9-2+deb12u3_i386.deb
 c5547a3a04e529b2846b326c11969c2648d0324c 406496 libgnutls-dane0_3.7.9-2+deb12u3_i386.deb
 59e72351aa8215520c4e4fc8f42d7abf86ce1487 83964 libgnutls-openssl27-dbgsym_3.7.9-2+deb12u3_i386.deb
 69c72356b93254bb03e1c6b4050b4687e3f5187f 406708 libgnutls-openssl27_3.7.9-2+deb12u3_i386.deb
 ffc9dd87283a7b2a262d14bcc38aea3ed4e67657 1416368 libgnutls28-dev_3.7.9-2+deb12u3_i386.deb
 7676120baa8bb2cf5fe7589adec2f782da456ad4 1732456 libgnutls30-dbgsym_3.7.9-2+deb12u3_i386.deb
 7b44db2b3d3bd1ce717072d0e703e0e3a98c1a26 1404076 libgnutls30_3.7.9-2+deb12u3_i386.deb
 e0468f9fc474d6a3659bc9ab962332e6bdee05a5 45436 libgnutlsxx30-dbgsym_3.7.9-2+deb12u3_i386.deb
 561cb852f0868ea8c4251e6d3a3b51927e07334c 15468 libgnutlsxx30_3.7.9-2+deb12u3_i386.deb
Checksums-Sha256:
 3311e29e7ac7e6ae33994d6f1f6ba864d5da74f6aa7a3f5413e97f0c2998f48b 797776 gnutls-bin-dbgsym_3.7.9-2+deb12u3_i386.deb
 6d28afafbd2eb96b6584173838b243616082964670af94e2e0daf7820eda5605 645504 gnutls-bin_3.7.9-2+deb12u3_i386.deb
 9b5deeb1853d358076446120f71010ceccbe7cfef730126c9f8c5a78972f131a 11128 gnutls28_3.7.9-2+deb12u3_i386-buildd.buildinfo
 58856daf0bfeca5bfff889621d0d8a90d6dc39aea7a636e3e3149da9bbbcadad 242032 guile-gnutls-dbgsym_3.7.9-2+deb12u3_i386.deb
 6c8226d65b737d0dc43d9385221b8b77d17960dcf03261d08cbf29af53a4d6cb 463452 guile-gnutls_3.7.9-2+deb12u3_i386.deb
 7ae63d1831b3480faa14635ab8a38f3e42790d46de491e828e5aec614122fcd6 83864 libgnutls-dane0-dbgsym_3.7.9-2+deb12u3_i386.deb
 281e17438aeae3b237a884ccb0f7b34705a4c0b6affa074714cc86e106a6c91c 406496 libgnutls-dane0_3.7.9-2+deb12u3_i386.deb
 81b0ce065bbea2922dafb8cdcb0735e8d4b8628c9b73b792572a863490867f6d 83964 libgnutls-openssl27-dbgsym_3.7.9-2+deb12u3_i386.deb
 97288e343af174295b7c4fca97a68562b717e32dad32006db765540db37c65d4 406708 libgnutls-openssl27_3.7.9-2+deb12u3_i386.deb
 794eb157ea748b9593764c7c465e6b286c7b41eab45eb96668c6bcdd7c4b46df 1416368 libgnutls28-dev_3.7.9-2+deb12u3_i386.deb
 9fc754f9e74361b1474ea72afb4da08c950ddb9c9d69395c8c17e701d2e72da2 1732456 libgnutls30-dbgsym_3.7.9-2+deb12u3_i386.deb
 307f393f728da79e9212c0a399a5a6f4ab728cd7fc95be136a131397478dbcca 1404076 libgnutls30_3.7.9-2+deb12u3_i386.deb
 46c969c3b2ef781075f83e21eb1548daf428755bbcafbe6da49d4562084d1a53 45436 libgnutlsxx30-dbgsym_3.7.9-2+deb12u3_i386.deb
 3944d7a4698cc4bc2652f14bf6770056e7931a412efb9119c7bda6b02a13aa82 15468 libgnutlsxx30_3.7.9-2+deb12u3_i386.deb
Files:
 4fd057cadf93bc09e18a34398ac36827 797776 debug optional gnutls-bin-dbgsym_3.7.9-2+deb12u3_i386.deb
 b189047200c6f2e4d3afdc9af710e115 645504 net optional gnutls-bin_3.7.9-2+deb12u3_i386.deb
 1cbabc8e58353fe1694c42dfa03e0be1 11128 libs optional gnutls28_3.7.9-2+deb12u3_i386-buildd.buildinfo
 e46cecd18e8abbd33627fdad477ba381 242032 debug optional guile-gnutls-dbgsym_3.7.9-2+deb12u3_i386.deb
 64eeed795a963a5dde608bdc52aa72cf 463452 lisp optional guile-gnutls_3.7.9-2+deb12u3_i386.deb
 6d51bc726d66c19b802919a79d59448a 83864 debug optional libgnutls-dane0-dbgsym_3.7.9-2+deb12u3_i386.deb
 bad3dacdfd6aee59626c849ce4a89a39 406496 libs optional libgnutls-dane0_3.7.9-2+deb12u3_i386.deb
 13e0348da6de780467211776490b5749 83964 debug optional libgnutls-openssl27-dbgsym_3.7.9-2+deb12u3_i386.deb
 61596676a0f696646a3da07b79f2a1c2 406708 libs optional libgnutls-openssl27_3.7.9-2+deb12u3_i386.deb
 fd6672e6feb5496ca836678e533b6d0e 1416368 libdevel optional libgnutls28-dev_3.7.9-2+deb12u3_i386.deb
 5ec89684550c2872e6b4c5aafcd5181d 1732456 debug optional libgnutls30-dbgsym_3.7.9-2+deb12u3_i386.deb
 6f19c969c14224f7752e8f2b24dc06f1 1404076 libs optional libgnutls30_3.7.9-2+deb12u3_i386.deb
 3b81d7e2a5a5330e4799062d3e910d2d 45436 debug optional libgnutlsxx30-dbgsym_3.7.9-2+deb12u3_i386.deb
 5205b9aa35f62373709c32333d960f32 15468 libs optional libgnutlsxx30_3.7.9-2+deb12u3_i386.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEErEDrIdpJkzFMm6K+PyQET5WCY90FAmZvVhMACgkQPyQET5WC
Y93UjQ//dbZGmnOOn9JAzMM6g2DWuqy2jAcyXFGrDM7cE+HcJXc39By32uK3Zrm9
HAEX0EPNggVva4tQeWc/SWzEsGKmr/rC/0CqYrAd0gCkQEmKxN16RRz9JPgjgJZp
9VvwJsE15i2UkN7CJ/4uQYX42tLCHomsukBXi+c+u5xxI4CBLpxciiU8RcsBswbG
0fAYSEosCO0Qht/FpcTnX/zc5TQS9cnt6ESuxGEU54pQGUSZBOY0ezWSf6b5o24+
DYreqvKXGvdDHTYo5Watb/8rb0HcXfUdGw5f0jTvTcUcprzQfGZw173sJxQm4nr8
BLpjyTq7p2lUyrqlZy2VWTjBj2s3NnIRC1DtEN/aa6j6fBL4p82ynhcWo/orC2XS
k9evtK0sRoaoR3rGHpYVjLATUdQ80OEV7ppqurl+1UAZXwTpabHdG8E7F+C8+aSL
bEs91U7gLhzV6HWnMT5JmwvCkMtRT7/AJh6BeyxzXJ/ZjmNFyItRRpESqyf571l6
444H4U3RecoPNuIvrbd/G615Ren4BVfswLMhSkO+DihdLaj+3a+NKVoOz9txx0Z2
nliSranUkq4ydGzGwxfveCiVRQzzuz+EmPDH122zqP8J8Teqw1T7f10YOBZ1e6cd
avrXhFi3coFB+tQsX6ttEO79RrH37QRJyPSURv+QdC7GL91Bkzc=
=PYxN
-----END PGP SIGNATURE-----