Format: 1.8
Date: Fri, 12 Apr 2024 09:12:36 -0400
Source: gnutls28
Binary: gnutls-bin libgnutls-dane0 libgnutls-openssl27 libgnutls28-dev libgnutls30
Built-For-Profiles: noudeb
Architecture: arm64 arm64_translations
Version: 3.8.1-4ubuntu1.3
Distribution: mantic
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@bos03-arm64-006.buildd>
Changed-By: Marc Deslauriers <marc.deslauriers@ubuntu.com>
Description:
 gnutls-bin - GNU TLS library - commandline utilities
 libgnutls-dane0 - GNU TLS library - DANE security support
 libgnutls-openssl27 - GNU TLS library - OpenSSL wrapper
 libgnutls28-dev - GNU TLS library - development files
 libgnutls30 - GNU TLS library - main runtime library
Changes:
 gnutls28 (3.8.1-4ubuntu1.3) mantic-security; urgency=medium
 .
   * SECURITY UPDATE: side-channel leak via Minerva attack
     - debian/patches/CVE-2024-28834.patch: avoid normalization of mpz_t in
       deterministic ECDSA in lib/nettle/int/dsa-compute-k.c,
       lib/nettle/int/dsa-compute-k.h, lib/nettle/int/ecdsa-compute-k.c,
       lib/nettle/int/ecdsa-compute-k.h, lib/nettle/pk.c,
       tests/sign-verify-deterministic.c.
     - CVE-2024-28834
   * SECURITY UPDATE: crash via specially-crafted cert bundle
     - debian/patches/CVE-2024-28835.patch: remove length limit of input in
       lib/gnutls_int.h, lib/x509/common.c, lib/x509/verify-high.c,
       tests/test-chains.h.
     - CVE-2024-28835
Checksums-Sha1:
 c5c6ebb9953ec5ffcff22c2d91c19686f6349756 700490 gnutls-bin-dbgsym_3.8.1-4ubuntu1.3_arm64.ddeb
 a850d1e5727964eb7f24f3439ee40ee2aaa3abc5 264778 gnutls-bin_3.8.1-4ubuntu1.3_arm64.deb
 8b858f004ec4c039af763c692b11d5c473078bd6 9722 gnutls28_3.8.1-4ubuntu1.3_arm64.buildinfo
 45d6e987420b17fb59e1200514eeaaadd48f6393 424529 gnutls28_3.8.1-4ubuntu1.3_arm64_translations.tar.gz
 36d35cacabbd527eee8f5a798faddf58012d5a4c 47622 libgnutls-dane0-dbgsym_3.8.1-4ubuntu1.3_arm64.ddeb
 26ba57492bb04e2d0defef30749bc5fec3723c03 23068 libgnutls-dane0_3.8.1-4ubuntu1.3_arm64.deb
 eb22b1c1a4c511347dbba2edc5d3753629166066 49866 libgnutls-openssl27-dbgsym_3.8.1-4ubuntu1.3_arm64.ddeb
 8c3bca10c2a7f92ee527c61ff0db85e26ad2244c 23040 libgnutls-openssl27_3.8.1-4ubuntu1.3_arm64.deb
 2ccd4e71314318c64fd02cadd8e420c3ef419c31 1109450 libgnutls28-dev_3.8.1-4ubuntu1.3_arm64.deb
 8ed8a160e0ac49e0cb065ea84282e54c98260304 2272072 libgnutls30-dbgsym_3.8.1-4ubuntu1.3_arm64.ddeb
 30e5a8c6da67df5cf66cb5f65356d2b4ed8a4e9d 940014 libgnutls30_3.8.1-4ubuntu1.3_arm64.deb
Checksums-Sha256:
 99fc02b6b181d1e9280efae8180835a32c669ff221b633aad30c524b0f0a0ce0 700490 gnutls-bin-dbgsym_3.8.1-4ubuntu1.3_arm64.ddeb
 92383df4d167103a86e2b290a68fadebded4c2d37be250e2f6b52f6faf62ccb3 264778 gnutls-bin_3.8.1-4ubuntu1.3_arm64.deb
 0a2972216cb3f12577457b9d2a9df6b72923447994bce3f7db9a3ef9e834baee 9722 gnutls28_3.8.1-4ubuntu1.3_arm64.buildinfo
 9a3b6cf26f32431275aa269f5d7ebbed743274ab3faeca8a546a4b67f167fb27 424529 gnutls28_3.8.1-4ubuntu1.3_arm64_translations.tar.gz
 1911e0155b9837456f036cf6009090a25803eea98d9a000129b4717b3329eaba 47622 libgnutls-dane0-dbgsym_3.8.1-4ubuntu1.3_arm64.ddeb
 ca70d21d9a725716b95e7c43879f549fc2ceb9131d093c6748d47eff21445d10 23068 libgnutls-dane0_3.8.1-4ubuntu1.3_arm64.deb
 8dcceeed91a3117a1f0303daa103ba40b0f1b018dfd90b3d94ae3b68d97568fd 49866 libgnutls-openssl27-dbgsym_3.8.1-4ubuntu1.3_arm64.ddeb
 996351b3b9612ad24e620ebce8c5a1295bc41faa790f7e152081b2a7028837e5 23040 libgnutls-openssl27_3.8.1-4ubuntu1.3_arm64.deb
 60243ee90ff51016cfcc9bb18cbcf38ae017bacfc2b60fa23f5fa701b259576b 1109450 libgnutls28-dev_3.8.1-4ubuntu1.3_arm64.deb
 52052210ecc4c605d96a0c8dcdc1bc77aee844fe97be65676d0fdc661c87e356 2272072 libgnutls30-dbgsym_3.8.1-4ubuntu1.3_arm64.ddeb
 df60e37e4019307e3d1ba736514116bac3c87691fcf88194664ade270bf71e5a 940014 libgnutls30_3.8.1-4ubuntu1.3_arm64.deb
Files:
 1bed1cf00efc8795ea03a15df4e4e70a 700490 debug optional gnutls-bin-dbgsym_3.8.1-4ubuntu1.3_arm64.ddeb
 e46e3a48b922ced31cf5f39f74861c7b 264778 net optional gnutls-bin_3.8.1-4ubuntu1.3_arm64.deb
 9da346a2d8f8909c59e536648e60bf21 9722 libs optional gnutls28_3.8.1-4ubuntu1.3_arm64.buildinfo
 edcf46ad88ba8eddc7b130bb39b5827f 424529 raw-translations - gnutls28_3.8.1-4ubuntu1.3_arm64_translations.tar.gz
 e69f896588d88406e6461021102ab75f 47622 debug optional libgnutls-dane0-dbgsym_3.8.1-4ubuntu1.3_arm64.ddeb
 69308fd7c3088ed9bbba790833d2c302 23068 libs optional libgnutls-dane0_3.8.1-4ubuntu1.3_arm64.deb
 6185f97de4375d15cb868d7d38cc6bbb 49866 debug optional libgnutls-openssl27-dbgsym_3.8.1-4ubuntu1.3_arm64.ddeb
 c09ab48c135fd340a47d1f69a10f8df7 23040 libs optional libgnutls-openssl27_3.8.1-4ubuntu1.3_arm64.deb
 69277f4cd18881ed0e1f79b23ced5d7f 1109450 libdevel optional libgnutls28-dev_3.8.1-4ubuntu1.3_arm64.deb
 13c262082ca52be7478cfbb6a4974e69 2272072 debug optional libgnutls30-dbgsym_3.8.1-4ubuntu1.3_arm64.ddeb
 4a917b7477f62cac18bedb4591d45c42 940014 libs optional libgnutls30_3.8.1-4ubuntu1.3_arm64.deb
Original-Maintainer: Debian GnuTLS Maintainers <pkg-gnutls-maint@lists.alioth.debian.org>