gnutls28 (3.6.13-4ubuntu2) groovy; urgency=medium
* SECURITY UPDATE: flaw in TLS session ticket key construction
- debian/patches/CVE-2020-13777.patch: differentiate initial state from
valid time window of TOTP in lib/stek.c,
tests/resume-with-previous-stek.c, tests/tls13/prf-early.c.
- CVE-2020-13777
-- Marc Deslauriers <email address hidden> Fri, 05 Jun 2020 13:12:39 -0400