gnutls28 3.8.3-1ubuntu1 source package in Ubuntu

Changelog

gnutls28 (3.8.3-1ubuntu1) noble; urgency=medium

  * Merge from Debian unstable. Remaining changes:
    - Enable CET.
    - Set default priority string to only allow TLS1.2, DTLS1.2, and
      TLS1.3 with medium security profile (2048 RSA keys minimum, and
      similar).
    - Forcefully disable TLS 1.0 and 1.1 through /etc/gnutls/config.
    - Forcefully disable DTLS 0.9 and 1.0 through /etc/gnutls/config.
    - Fix logic for i386 autopkgtest on an amd64 host
    - Don't run the testsuite under the influence of a configuration file.
  * debian/patches/CVE-2023-5981.patch: dropped, included in new version.

gnutls28 (3.8.3-1) unstable; urgency=medium

  * New upstream version.
    Fix assertion failure when verifying a certificate chain with a cycle of
    cross signatures. CVE-2024-0567 GNUTLS-SA-2024-01-09 Closes: #1061045
    Fix more timing side-channel inside RSA-PSK key exchange. CVE-2024-0553
    GNUTLS-SA-2024-01-14 Closes: #1061046

gnutls28 (3.8.2-1) unstable; urgency=medium

  * New upstream version.
    + Drop cherrypicked patches.
    + Update symbol file.
    + Update copyright file.
    + Includes fix for CVE-2023-5981 / GNUTLS-SA-2023-10-23. Closes: #1056188

 -- Marc Deslauriers <email address hidden>  Fri, 26 Jan 2024 07:39:04 -0500

Upload details

Uploaded by:
Marc Deslauriers
Uploaded to:
Noble
Original maintainer:
Ubuntu Developers
Architectures:
any all
Section:
libs
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
gnutls28_3.8.3.orig.tar.xz 6.2 MiB f74fc5954b27d4ec6dfbb11dea987888b5b124289a3703afcada0ee520f4173e
gnutls28_3.8.3.orig.tar.xz.asc 854 bytes b2b90d225728890b0e2aa7c05e5f25f8ba1282821b46e72cd99f0c732b639cef
gnutls28_3.8.3-1ubuntu1.debian.tar.xz 77.5 KiB ebe27770175c318e1ca93380189322706e35b77cbe23ed3988f3322e5a848c9f
gnutls28_3.8.3-1ubuntu1.dsc 3.3 KiB a10a300632ddc3230687c8cd7c54d6ab9d0554ae88264b989d0fbadbe5f6a4cd

Available diffs

View changes file

Binary packages built by this source

gnutls-bin: GNU TLS library - commandline utilities

 GnuTLS is a portable library which implements the Transport Layer
 Security (TLS 1.0, 1.1, 1.2, 1.3) and Datagram
 Transport Layer Security (DTLS 1.0, 1.2) protocols.
 .
 GnuTLS features support for:
  - certificate path validation, as well as DANE and trust on first use.
  - the Online Certificate Status Protocol (OCSP).
  - public key methods, including RSA and Elliptic curves, as well as password
    and key authentication methods such as SRP and PSK protocols.
  - all the strong encryption algorithms, including AES and Camellia.
  - CPU-assisted cryptography with VIA padlock and AES-NI instruction sets.
  - HSMs and cryptographic tokens, via PKCS #11.
 .
 This package contains a commandline interface to the GNU TLS library, which
 can be used to set up secure connections from e.g. shell scripts, debugging
 connection issues or managing certificates.
 .
 Useful utilities include:
  - TLS termination: gnutls-cli, gnutls-serv
  - key and certificate management: certtool, ocsptool, p11tool
  - credential management: srptool, psktool

gnutls-bin-dbgsym: debug symbols for gnutls-bin
gnutls-doc: GNU TLS library - documentation and examples

 GnuTLS is a portable library which implements the Transport Layer
 Security (TLS 1.0, 1.1, 1.2, 1.3) and Datagram
 Transport Layer Security (DTLS 1.0, 1.2) protocols.
 .
 GnuTLS features support for:
  - certificate path validation, as well as DANE and trust on first use.
  - the Online Certificate Status Protocol (OCSP).
  - public key methods, including RSA and Elliptic curves, as well as password
    and key authentication methods such as SRP and PSK protocols.
  - all the strong encryption algorithms, including AES and Camellia.
  - CPU-assisted cryptography with VIA padlock and AES-NI instruction sets.
  - HSMs and cryptographic tokens, via PKCS #11.
 .
 This package contains all the GnuTLS documentation.

libgnutls-dane0: No summary available for libgnutls-dane0 in ubuntu noble.

No description available for libgnutls-dane0 in ubuntu noble.

libgnutls-dane0-dbgsym: No summary available for libgnutls-dane0-dbgsym in ubuntu noble.

No description available for libgnutls-dane0-dbgsym in ubuntu noble.

libgnutls-openssl27: No summary available for libgnutls-openssl27 in ubuntu noble.

No description available for libgnutls-openssl27 in ubuntu noble.

libgnutls-openssl27-dbgsym: No summary available for libgnutls-openssl27-dbgsym in ubuntu noble.

No description available for libgnutls-openssl27-dbgsym in ubuntu noble.

libgnutls28-dev: GNU TLS library - development files

 GnuTLS is a portable library which implements the Transport Layer
 Security (TLS 1.0, 1.1, 1.2, 1.3) and Datagram
 Transport Layer Security (DTLS 1.0, 1.2) protocols.
 .
 GnuTLS features support for:
  - certificate path validation, as well as DANE and trust on first use.
  - the Online Certificate Status Protocol (OCSP).
  - public key methods, including RSA and Elliptic curves, as well as password
    and key authentication methods such as SRP and PSK protocols.
  - all the strong encryption algorithms, including AES and Camellia.
  - CPU-assisted cryptography with VIA padlock and AES-NI instruction sets.
  - HSMs and cryptographic tokens, via PKCS #11.
 .
 This package contains the GnuTLS development files.

libgnutls30: No summary available for libgnutls30 in ubuntu noble.

No description available for libgnutls30 in ubuntu noble.

libgnutls30-dbgsym: No summary available for libgnutls30-dbgsym in ubuntu noble.

No description available for libgnutls30-dbgsym in ubuntu noble.