gnutls28 3.4.10-4ubuntu1.5 source package in Ubuntu

Changelog

gnutls28 (3.4.10-4ubuntu1.5) xenial-security; urgency=medium

  * SECURITY UPDATE: Lucky-13 issues
    - debian/patches/CVE-2018-1084x-1.patch: correctly account the length
      field in SHA384 HMAC in lib/algorithms/mac.c, lib/gnutls_cipher.c.
    - debian/patches/CVE-2018-1084x-2.patch: always hash the same amount of
      blocks that would have been on minimum pad in lib/gnutls_cipher.c.
    - debian/patches/CVE-2018-1084x-3.patch: require minimum padding under
      SSL3.0 in lib/gnutls_cipher.c.
    - debian/patches/CVE-2018-1084x-4.patch: hmac-sha384 and sha256
      ciphersuites were removed from defaults in lib/gnutls_priority.c,
      tests/priorities.c.
    - debian/patches/CVE-2018-1084x-5.patch: fix test for SHA512 in
      tests/pkcs12_encode.c.
    - CVE-2018-10844
    - CVE-2018-10845
    - CVE-2018-10846

 -- Marc Deslauriers <email address hidden>  Tue, 28 May 2019 13:32:56 -0400

Upload details

Uploaded by:
Marc Deslauriers
Uploaded to:
Xenial
Original maintainer:
Ubuntu Developers
Architectures:
any all
Section:
libs
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
gnutls28_3.4.10.orig.tar.xz 6.3 MiB 6a32c2b4acbd33ff7eefcbd1357009da04c94c60146ef61320b6c076b1bdf59f
gnutls28_3.4.10-4ubuntu1.5.debian.tar.xz 97.6 KiB 87f45b54868c256fb4cbc4cfd1e4786da1e05a3e9fad41002ee717fce4b9044b
gnutls28_3.4.10-4ubuntu1.5.dsc 3.0 KiB 787f0b78c07848901525fa8227a128f2f782cf078065ae52b1a2d82a3e3c01a8

View changes file

Binary packages built by this source

gnutls-bin: GNU TLS library - commandline utilities

 GnuTLS is a portable library which implements the Transport Layer
 Security (TLS 1.0, 1.1, 1.2) and Secure Sockets Layer (SSL) 3.0 and Datagram
 Transport Layer Security (DTLS 1.0, 1.2) protocols.
 .
 GnuTLS features support for:
  - TLS extensions: server name indication, max record size, opaque PRF
    input, etc.
  - authentication using the SRP protocol.
  - authentication using both X.509 certificates and OpenPGP keys.
  - TLS Pre-Shared-Keys (PSK) extension.
  - Inner Application (TLS/IA) extension.
  - X.509 and OpenPGP certificate handling.
  - X.509 Proxy Certificates (RFC 3820).
  - all the strong encryption algorithms (including SHA-256/384/512 and
    Camellia (RFC 4132)).
 .
 This package contains a commandline interface to the GNU TLS library, which
 can be used to set up secure connections from e.g. shell scripts, debugging
 connection issues or managing certificates.
 .
 Useful utilities include:
  - TLS termination: gnutls-cli, gnutls-serv, crywrap
  - key and certificate management: certtool, ocsptool, p11tool
  - credential management: srptool, psktool

gnutls-bin-dbgsym: debug symbols for package gnutls-bin

 GnuTLS is a portable library which implements the Transport Layer
 Security (TLS 1.0, 1.1, 1.2) and Secure Sockets Layer (SSL) 3.0 and Datagram
 Transport Layer Security (DTLS 1.0, 1.2) protocols.
 .
 GnuTLS features support for:
  - TLS extensions: server name indication, max record size, opaque PRF
    input, etc.
  - authentication using the SRP protocol.
  - authentication using both X.509 certificates and OpenPGP keys.
  - TLS Pre-Shared-Keys (PSK) extension.
  - Inner Application (TLS/IA) extension.
  - X.509 and OpenPGP certificate handling.
  - X.509 Proxy Certificates (RFC 3820).
  - all the strong encryption algorithms (including SHA-256/384/512 and
    Camellia (RFC 4132)).
 .
 This package contains a commandline interface to the GNU TLS library, which
 can be used to set up secure connections from e.g. shell scripts, debugging
 connection issues or managing certificates.
 .
 Useful utilities include:
  - TLS termination: gnutls-cli, gnutls-serv, crywrap
  - key and certificate management: certtool, ocsptool, p11tool
  - credential management: srptool, psktool

gnutls-doc: GNU TLS library - documentation and examples

 GnuTLS is a portable library which implements the Transport Layer
 Security (TLS 1.0, 1.1, 1.2) and Secure Sockets Layer (SSL) 3.0 and Datagram
 Transport Layer Security (DTLS 1.0, 1.2) protocols.
 .
 GnuTLS features support for:
  - TLS extensions: server name indication, max record size, opaque PRF
    input, etc.
  - authentication using the SRP protocol.
  - authentication using both X.509 certificates and OpenPGP keys.
  - TLS Pre-Shared-Keys (PSK) extension.
  - Inner Application (TLS/IA) extension.
  - X.509 and OpenPGP certificate handling.
  - X.509 Proxy Certificates (RFC 3820).
  - all the strong encryption algorithms (including SHA-256/384/512 and
    Camellia (RFC 4132)).
 .
 This package contains all the GnuTLS documentation.

guile-gnutls: GNU TLS library - GNU Guile bindings

 GnuTLS is a portable library which implements the Transport Layer
 Security (TLS 1.0, 1.1, 1.2) and Secure Sockets Layer (SSL) 3.0 and Datagram
 Transport Layer Security (DTLS 1.0, 1.2) protocols.
 .
 GnuTLS features support for:
  - TLS extensions: server name indication, max record size, opaque PRF
    input, etc.
  - authentication using the SRP protocol.
  - authentication using both X.509 certificates and OpenPGP keys.
  - TLS Pre-Shared-Keys (PSK) extension.
  - Inner Application (TLS/IA) extension.
  - X.509 and OpenPGP certificate handling.
  - X.509 Proxy Certificates (RFC 3820).
  - all the strong encryption algorithms (including SHA-256/384/512 and
    Camellia (RFC 4132)).
 .
 This package contains the GNU Guile 2.0 modules.

guile-gnutls-dbgsym: debug symbols for package guile-gnutls

 GnuTLS is a portable library which implements the Transport Layer
 Security (TLS 1.0, 1.1, 1.2) and Secure Sockets Layer (SSL) 3.0 and Datagram
 Transport Layer Security (DTLS 1.0, 1.2) protocols.
 .
 GnuTLS features support for:
  - TLS extensions: server name indication, max record size, opaque PRF
    input, etc.
  - authentication using the SRP protocol.
  - authentication using both X.509 certificates and OpenPGP keys.
  - TLS Pre-Shared-Keys (PSK) extension.
  - Inner Application (TLS/IA) extension.
  - X.509 and OpenPGP certificate handling.
  - X.509 Proxy Certificates (RFC 3820).
  - all the strong encryption algorithms (including SHA-256/384/512 and
    Camellia (RFC 4132)).
 .
 This package contains the GNU Guile 2.0 modules.

libgnutls-dev: GNU TLS library - development files

 GnuTLS is a portable library which implements the Transport Layer
 Security (TLS 1.0, 1.1, 1.2) and Secure Sockets Layer (SSL) 3.0 and Datagram
 Transport Layer Security (DTLS 1.0, 1.2) protocols.
 .
 GnuTLS features support for:
  - TLS extensions: server name indication, max record size, opaque PRF
    input, etc.
  - authentication using the SRP protocol.
  - authentication using both X.509 certificates and OpenPGP keys.
  - TLS Pre-Shared-Keys (PSK) extension.
  - Inner Application (TLS/IA) extension.
  - X.509 and OpenPGP certificate handling.
  - X.509 Proxy Certificates (RFC 3820).
  - all the strong encryption algorithms (including SHA-256/384/512 and
    Camellia (RFC 4132)).
 .
 This package contains the GnuTLS development files.

libgnutls-openssl27: GNU TLS library - OpenSSL wrapper

 GnuTLS is a portable library which implements the Transport Layer
 Security (TLS 1.0, 1.1, 1.2) and Secure Sockets Layer (SSL) 3.0 and Datagram
 Transport Layer Security (DTLS 1.0, 1.2) protocols.
 .
 GnuTLS features support for:
  - TLS extensions: server name indication, max record size, opaque PRF
    input, etc.
  - authentication using the SRP protocol.
  - authentication using both X.509 certificates and OpenPGP keys.
  - TLS Pre-Shared-Keys (PSK) extension.
  - Inner Application (TLS/IA) extension.
  - X.509 and OpenPGP certificate handling.
  - X.509 Proxy Certificates (RFC 3820).
  - all the strong encryption algorithms (including SHA-256/384/512 and
    Camellia (RFC 4132)).
 .
 This package contains the runtime library of the GnuTLS OpenSSL wrapper.

libgnutls-openssl27-dbgsym: debug symbols for package libgnutls-openssl27

 GnuTLS is a portable library which implements the Transport Layer
 Security (TLS 1.0, 1.1, 1.2) and Secure Sockets Layer (SSL) 3.0 and Datagram
 Transport Layer Security (DTLS 1.0, 1.2) protocols.
 .
 GnuTLS features support for:
  - TLS extensions: server name indication, max record size, opaque PRF
    input, etc.
  - authentication using the SRP protocol.
  - authentication using both X.509 certificates and OpenPGP keys.
  - TLS Pre-Shared-Keys (PSK) extension.
  - Inner Application (TLS/IA) extension.
  - X.509 and OpenPGP certificate handling.
  - X.509 Proxy Certificates (RFC 3820).
  - all the strong encryption algorithms (including SHA-256/384/512 and
    Camellia (RFC 4132)).
 .
 This package contains the runtime library of the GnuTLS OpenSSL wrapper.

libgnutls28-dev: dummy transitional package for GNU TLS library - development files

 This is a transitional dummy package for libgnutls28-dev to
 libgnutls-dev migration. GnuTLS is a portable library which
 implements the Transport Layer Security (TLS 1.0, 1.1, 1.2) and
 Secure Sockets Layer (SSL) 3.0 and Datagram Transport Layer Security
 (DTLS 1.0, 1.2) protocols.
 .
 This package can be safely removed.

libgnutls30: GNU TLS library - main runtime library

 GnuTLS is a portable library which implements the Transport Layer
 Security (TLS 1.0, 1.1, 1.2) and Secure Sockets Layer (SSL) 3.0 and Datagram
 Transport Layer Security (DTLS 1.0, 1.2) protocols.
 .
 GnuTLS features support for:
  - TLS extensions: server name indication, max record size, opaque PRF
    input, etc.
  - authentication using the SRP protocol.
  - authentication using both X.509 certificates and OpenPGP keys.
  - TLS Pre-Shared-Keys (PSK) extension.
  - Inner Application (TLS/IA) extension.
  - X.509 and OpenPGP certificate handling.
  - X.509 Proxy Certificates (RFC 3820).
  - all the strong encryption algorithms (including SHA-256/384/512 and
    Camellia (RFC 4132)).
 .
 This package contains the main runtime library.

libgnutls30-dbgsym: debug symbols for package libgnutls30

 GnuTLS is a portable library which implements the Transport Layer
 Security (TLS 1.0, 1.1, 1.2) and Secure Sockets Layer (SSL) 3.0 and Datagram
 Transport Layer Security (DTLS 1.0, 1.2) protocols.
 .
 GnuTLS features support for:
  - TLS extensions: server name indication, max record size, opaque PRF
    input, etc.
  - authentication using the SRP protocol.
  - authentication using both X.509 certificates and OpenPGP keys.
  - TLS Pre-Shared-Keys (PSK) extension.
  - Inner Application (TLS/IA) extension.
  - X.509 and OpenPGP certificate handling.
  - X.509 Proxy Certificates (RFC 3820).
  - all the strong encryption algorithms (including SHA-256/384/512 and
    Camellia (RFC 4132)).
 .
 This package contains the main runtime library.

libgnutlsxx28: GNU TLS library - C++ runtime library

 GnuTLS is a portable library which implements the Transport Layer
 Security (TLS 1.0, 1.1, 1.2) and Secure Sockets Layer (SSL) 3.0 and Datagram
 Transport Layer Security (DTLS 1.0, 1.2) protocols.
 .
 GnuTLS features support for:
  - TLS extensions: server name indication, max record size, opaque PRF
    input, etc.
  - authentication using the SRP protocol.
  - authentication using both X.509 certificates and OpenPGP keys.
  - TLS Pre-Shared-Keys (PSK) extension.
  - Inner Application (TLS/IA) extension.
  - X.509 and OpenPGP certificate handling.
  - X.509 Proxy Certificates (RFC 3820).
  - all the strong encryption algorithms (including SHA-256/384/512 and
    Camellia (RFC 4132)).
 .
 This package contains the C++ runtime libraries.

libgnutlsxx28-dbgsym: debug symbols for package libgnutlsxx28

 GnuTLS is a portable library which implements the Transport Layer
 Security (TLS 1.0, 1.1, 1.2) and Secure Sockets Layer (SSL) 3.0 and Datagram
 Transport Layer Security (DTLS 1.0, 1.2) protocols.
 .
 GnuTLS features support for:
  - TLS extensions: server name indication, max record size, opaque PRF
    input, etc.
  - authentication using the SRP protocol.
  - authentication using both X.509 certificates and OpenPGP keys.
  - TLS Pre-Shared-Keys (PSK) extension.
  - Inner Application (TLS/IA) extension.
  - X.509 and OpenPGP certificate handling.
  - X.509 Proxy Certificates (RFC 3820).
  - all the strong encryption algorithms (including SHA-256/384/512 and
    Camellia (RFC 4132)).
 .
 This package contains the C++ runtime libraries.