Format: 1.8
Date: Thu, 18 Apr 2024 09:54:34 -0400
Source: gnutls28
Binary: gnutls-bin libgnutls-dane0t64 libgnutls-openssl27t64 libgnutls28-dev libgnutls30t64
Built-For-Profiles: noudeb
Architecture: i386 i386_translations
Version: 3.8.3-1.1ubuntu3.1
Distribution: noble
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@lcy02-amd64-015.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description:
 gnutls-bin - GNU TLS library - commandline utilities
 libgnutls-dane0t64 - GNU TLS library - DANE security support
 libgnutls-openssl27t64 - GNU TLS library - OpenSSL wrapper
 libgnutls28-dev - GNU TLS library - development files
 libgnutls30t64 - GNU TLS library - main runtime library
Changes:
 gnutls28 (3.8.3-1.1ubuntu3.1) noble-security; urgency=medium
 .
   * SECURITY UPDATE: side-channel leak via Minerva attack
     - debian/patches/CVE-2024-28834.patch: avoid normalization of mpz_t in
       deterministic ECDSA in lib/nettle/int/dsa-compute-k.c,
       lib/nettle/int/dsa-compute-k.h, lib/nettle/int/ecdsa-compute-k.c,
       lib/nettle/int/ecdsa-compute-k.h, lib/nettle/pk.c,
       tests/sign-verify-deterministic.c.
     - CVE-2024-28834
   * SECURITY UPDATE: crash via specially-crafted cert bundle
     - debian/patches/CVE-2024-28835.patch: remove length limit of input in
       lib/gnutls_int.h, lib/x509/common.c, lib/x509/verify-high.c,
       tests/test-chains.h.
     - CVE-2024-28835
Checksums-Sha1:
 c53d6ecf4263c2257e399b55c8afce3f8b85200d 891678 gnutls-bin-dbgsym_3.8.3-1.1ubuntu3.1_i386.ddeb
 10918209832327587ccdd2ad9f5312a96780228e 302180 gnutls-bin_3.8.3-1.1ubuntu3.1_i386.deb
 9bf176760a1843e4c5ef134963c48af60269ba3b 10321 gnutls28_3.8.3-1.1ubuntu3.1_i386.buildinfo
 62cbac167e3b76f27c22d47e25dd4f0e239288ef 423683 gnutls28_3.8.3-1.1ubuntu3.1_i386_translations.tar.gz
 be026c1df29a03bc79af93dabc8453f648fec46b 82226 libgnutls-dane0t64-dbgsym_3.8.3-1.1ubuntu3.1_i386.ddeb
 490f24065ba200cd90b71f142adcd8c6736acf1a 41184 libgnutls-dane0t64_3.8.3-1.1ubuntu3.1_i386.deb
 91d4c90b377b65c907a484bf6d4c27ad9000bf97 82726 libgnutls-openssl27t64-dbgsym_3.8.3-1.1ubuntu3.1_i386.ddeb
 471f09d8f33f84dd481f9244130f593b851c19e5 41614 libgnutls-openssl27t64_3.8.3-1.1ubuntu3.1_i386.deb
 3d66cf9232a0deacfbf57f96195d721e987f4a81 1124124 libgnutls28-dev_3.8.3-1.1ubuntu3.1_i386.deb
 42413df0255032a15158f8e3e3e48fef158df5de 1724600 libgnutls30t64-dbgsym_3.8.3-1.1ubuntu3.1_i386.ddeb
 136c1824dd00e61dd37afb5fd4672c39100a163e 1011300 libgnutls30t64_3.8.3-1.1ubuntu3.1_i386.deb
Checksums-Sha256:
 b7f8184bfc550bd404afb21e1de35a4f99b2464fc14c96bb064b2c58000dd105 891678 gnutls-bin-dbgsym_3.8.3-1.1ubuntu3.1_i386.ddeb
 452c8a8a8b3d7524ef4377e9ee5b774516513e26acee9de8b6ded644e4130cc6 302180 gnutls-bin_3.8.3-1.1ubuntu3.1_i386.deb
 625789a5bacc7ea662328d306b00c0303f2f023a1cea5df2a20d5a7aa12461ac 10321 gnutls28_3.8.3-1.1ubuntu3.1_i386.buildinfo
 aa25bf3abcf2e185b7ae7ce1972070020124a374d927c91b7bc98ed8a68918e7 423683 gnutls28_3.8.3-1.1ubuntu3.1_i386_translations.tar.gz
 5abb5641aad12ce4b6f7020aa799684e1a391cfb432be61ffd1573913500a707 82226 libgnutls-dane0t64-dbgsym_3.8.3-1.1ubuntu3.1_i386.ddeb
 b58530760a55fd287b7e89f3b2d511c03202b4064cb8eec9531239c8433aa62a 41184 libgnutls-dane0t64_3.8.3-1.1ubuntu3.1_i386.deb
 48cd558dabe4e9342b6aceea67d1bb5d5d3040db19478c040a0aad4d715e8ffa 82726 libgnutls-openssl27t64-dbgsym_3.8.3-1.1ubuntu3.1_i386.ddeb
 22ae217b81dfd88a5ccd43309a277b3cae9f68963be883b756fc1ea22596b03b 41614 libgnutls-openssl27t64_3.8.3-1.1ubuntu3.1_i386.deb
 39305e45b487775c12107ce3ae7594aabca9fe58312027627dd54a4a1d2c6682 1124124 libgnutls28-dev_3.8.3-1.1ubuntu3.1_i386.deb
 c8b3a00b891af01d76cd3bdcf63a49e0a44cca4d297438221a5d236697a32c84 1724600 libgnutls30t64-dbgsym_3.8.3-1.1ubuntu3.1_i386.ddeb
 96524eb33fa8fef3be6c5fe947a74071d511d5d628bd7eb8585b711a5e29c864 1011300 libgnutls30t64_3.8.3-1.1ubuntu3.1_i386.deb
Files:
 a8a1e396a8802c3183215db5b10a8c5f 891678 debug optional gnutls-bin-dbgsym_3.8.3-1.1ubuntu3.1_i386.ddeb
 55c03d323562a0ad60b99c3427b276e2 302180 net optional gnutls-bin_3.8.3-1.1ubuntu3.1_i386.deb
 8358e330f1e7ca7e6550569929f4e68b 10321 libs optional gnutls28_3.8.3-1.1ubuntu3.1_i386.buildinfo
 f03f6c4e6de30e69916952c7a8e3874e 423683 raw-translations - gnutls28_3.8.3-1.1ubuntu3.1_i386_translations.tar.gz
 39930169477cf2cdc24370ab9c9f1ac2 82226 debug optional libgnutls-dane0t64-dbgsym_3.8.3-1.1ubuntu3.1_i386.ddeb
 b253c4a4bdd5e870b837fd274a6b5824 41184 libs optional libgnutls-dane0t64_3.8.3-1.1ubuntu3.1_i386.deb
 e303273c28930c7fa8e390ce709781b1 82726 debug optional libgnutls-openssl27t64-dbgsym_3.8.3-1.1ubuntu3.1_i386.ddeb
 eda6ab385c18d3a787a1bd48c4c9a8a3 41614 libs optional libgnutls-openssl27t64_3.8.3-1.1ubuntu3.1_i386.deb
 78ec5e7571abd80b7e0073d69180c0a1 1124124 libdevel optional libgnutls28-dev_3.8.3-1.1ubuntu3.1_i386.deb
 af322f9cbad374bdf28d066e1396a827 1724600 debug optional libgnutls30t64-dbgsym_3.8.3-1.1ubuntu3.1_i386.ddeb
 c5d0265cbfc1ced7367fed7fc7f77507 1011300 libs optional libgnutls30t64_3.8.3-1.1ubuntu3.1_i386.deb
Original-Maintainer: Debian GnuTLS Maintainers <pkg-gnutls-maint@lists.alioth.debian.org>