gnutls28 3.8.5-2ubuntu1 source package in Ubuntu
Changelog
gnutls28 (3.8.5-2ubuntu1) oracular; urgency=medium
* Merge with Debian; remaining changes:
- Enable CET.
- Set default priority string to only allow TLS1.2, DTLS1.2, and
TLS1.3 with medium security profile (2048 RSA keys minimum, and
similar).
- Forcefully disable TLS 1.0 and 1.1 through /etc/gnutls/config.
- Forcefully disable DTLS 0.9 and 1.0 through /etc/gnutls/config.
- Fix logic for i386 autopkgtest on an amd64 host
- Don't run the testsuite under the influence of a configuration file.
gnutls28 (3.8.5-2) unstable; urgency=medium
* Add 45_Revert_Add-option-to-disable-RSAES-PKCS1-v1_5.patch, reverting
upstream commit 10ebc37e41343cb5b18ee9f0b8e2c45c3d83e8c7.
Closes: #1068644
gnutls28 (3.8.5-1) unstable; urgency=medium
* New upstream version, drop cherry-picked patch.
* [lintian] B-d on pkgconf instead of pkg-config.
gnutls28 (3.8.4-2) unstable; urgency=medium
* Cherry-pick from upstream git master:
+ 50_0001-gnutls_privkey_decrypt_data-don-t-free-plaintext-on-.patch
(Regression in 3.8.4).
* Upload to unstable.
gnutls28 (3.8.4-1) experimental; urgency=medium
* New upstream version.
+ Fix side-channel in the deterministic ECDSA.
Reported by George Pantelakis (#1516).
[GNUTLS-SA-2023-12-04, CVSS: medium] [CVE-2024-28834]
Closes: #1067464
+ libgnutls: Fixed a bug where certtool crashed when verifying a
certificate chain with more than 16 certificates. Reported by William
Woodruff (#1525) and yixiangzhike (#1527).
[GNUTLS-SA-2024-01-23, CVSS: medium] [CVE-2024-28835] Closes: #1067463
+ Update copyright info.
+ Update symbol file.
-- Gianfranco Costamagna <email address hidden> Tue, 14 May 2024 12:08:31 +0200
Upload details
- Uploaded by:
- Gianfranco Costamagna
- Uploaded to:
- Oracular
- Original maintainer:
- Debian GnuTLS Maintainers
- Architectures:
- any all
- Section:
- libs
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section | |
|---|---|---|---|---|
| Oracular | release | main | libs |
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| gnutls28_3.8.5.orig.tar.xz | 6.2 MiB | 66269a2cfe0e1c2dabec87bdbbd8ab656f396edd9a40dd006978e003cfa52bfc |
| gnutls28_3.8.5.orig.tar.xz.asc | 228 bytes | d02c2bc3b994b3fc81f76663a0570c156f9dd299a2151f04fd3429eca6569f52 |
| gnutls28_3.8.5-2ubuntu1.debian.tar.xz | 80.6 KiB | 99f0185c8ee782edea2a374cdad12bd55a92120a0fc2518eec2c13663b26fc41 |
| gnutls28_3.8.5-2ubuntu1.dsc | 3.2 KiB | 8d1454906734b7b63c38d5cb6d1cc185219707703fb405c6712b03c4d2cef2b7 |
Available diffs
Binary packages built by this source
- gnutls-bin: GNU TLS library - commandline utilities
GnuTLS is a portable library which implements the Transport Layer
Security (TLS 1.0, 1.1, 1.2, 1.3) and Datagram
Transport Layer Security (DTLS 1.0, 1.2) protocols.
.
GnuTLS features support for:
- certificate path validation, as well as DANE and trust on first use.
- the Online Certificate Status Protocol (OCSP).
- public key methods, including RSA and Elliptic curves, as well as password
and key authentication methods such as SRP and PSK protocols.
- all the strong encryption algorithms, including AES and Camellia.
- CPU-assisted cryptography with VIA padlock and AES-NI instruction sets.
- HSMs and cryptographic tokens, via PKCS #11.
.
This package contains a commandline interface to the GNU TLS library, which
can be used to set up secure connections from e.g. shell scripts, debugging
connection issues or managing certificates.
.
Useful utilities include:
- TLS termination: gnutls-cli, gnutls-serv
- key and certificate management: certtool, ocsptool, p11tool
- credential management: srptool, psktool
- gnutls-bin-dbgsym: debug symbols for gnutls-bin
- gnutls-doc: GNU TLS library - documentation and examples
GnuTLS is a portable library which implements the Transport Layer
Security (TLS 1.0, 1.1, 1.2, 1.3) and Datagram
Transport Layer Security (DTLS 1.0, 1.2) protocols.
.
GnuTLS features support for:
- certificate path validation, as well as DANE and trust on first use.
- the Online Certificate Status Protocol (OCSP).
- public key methods, including RSA and Elliptic curves, as well as password
and key authentication methods such as SRP and PSK protocols.
- all the strong encryption algorithms, including AES and Camellia.
- CPU-assisted cryptography with VIA padlock and AES-NI instruction sets.
- HSMs and cryptographic tokens, via PKCS #11.
.
This package contains all the GnuTLS documentation.
- libgnutls-dane0t64: GNU TLS library - DANE security support
GnuTLS is a portable library which implements the Transport Layer
Security (TLS 1.0, 1.1, 1.2, 1.3) and Datagram
Transport Layer Security (DTLS 1.0, 1.2) protocols.
.
GnuTLS features support for:
- certificate path validation, as well as DANE and trust on first use.
- the Online Certificate Status Protocol (OCSP).
- public key methods, including RSA and Elliptic curves, as well as password
and key authentication methods such as SRP and PSK protocols.
- all the strong encryption algorithms, including AES and Camellia.
- CPU-assisted cryptography with VIA padlock and AES-NI instruction sets.
- HSMs and cryptographic tokens, via PKCS #11.
.
This package contains the runtime library for DANE (DNS-based Authentication
of Named Entities) support.
- libgnutls-dane0t64-dbgsym: debug symbols for libgnutls-dane0t64
- libgnutls-openssl27t64: GNU TLS library - OpenSSL wrapper
GnuTLS is a portable library which implements the Transport Layer
Security (TLS 1.0, 1.1, 1.2, 1.3) and Datagram
Transport Layer Security (DTLS 1.0, 1.2) protocols.
.
GnuTLS features support for:
- certificate path validation, as well as DANE and trust on first use.
- the Online Certificate Status Protocol (OCSP).
- public key methods, including RSA and Elliptic curves, as well as password
and key authentication methods such as SRP and PSK protocols.
- all the strong encryption algorithms, including AES and Camellia.
- CPU-assisted cryptography with VIA padlock and AES-NI instruction sets.
- HSMs and cryptographic tokens, via PKCS #11.
.
This package contains the runtime library of the GnuTLS OpenSSL wrapper.
- libgnutls-openssl27t64-dbgsym: debug symbols for libgnutls-openssl27t64
- libgnutls28-dev: GNU TLS library - development files
GnuTLS is a portable library which implements the Transport Layer
Security (TLS 1.0, 1.1, 1.2, 1.3) and Datagram
Transport Layer Security (DTLS 1.0, 1.2) protocols.
.
GnuTLS features support for:
- certificate path validation, as well as DANE and trust on first use.
- the Online Certificate Status Protocol (OCSP).
- public key methods, including RSA and Elliptic curves, as well as password
and key authentication methods such as SRP and PSK protocols.
- all the strong encryption algorithms, including AES and Camellia.
- CPU-assisted cryptography with VIA padlock and AES-NI instruction sets.
- HSMs and cryptographic tokens, via PKCS #11.
.
This package contains the GnuTLS development files.
- libgnutls30t64: GNU TLS library - main runtime library
GnuTLS is a portable library which implements the Transport Layer
Security (TLS 1.0, 1.1, 1.2, 1.3) and Datagram
Transport Layer Security (DTLS 1.0, 1.2) protocols.
.
GnuTLS features support for:
- certificate path validation, as well as DANE and trust on first use.
- the Online Certificate Status Protocol (OCSP).
- public key methods, including RSA and Elliptic curves, as well as password
and key authentication methods such as SRP and PSK protocols.
- all the strong encryption algorithms, including AES and Camellia.
- CPU-assisted cryptography with VIA padlock and AES-NI instruction sets.
- HSMs and cryptographic tokens, via PKCS #11.
.
This package contains the main runtime library.
- libgnutls30t64-dbgsym: debug symbols for libgnutls30t64
