Accepted gnutls28 3.6.7-4+deb10u11 (source) into oldoldstable
- To: debian-lts-changes@lists.debian.org, dispatch@tracker.debian.org
- Subject: Accepted gnutls28 3.6.7-4+deb10u11 (source) into oldoldstable
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Wed, 22 Nov 2023 18:20:20 +0000
- Debian: DAK
- Debian-architecture: source
- Debian-archive-action: accept
- Debian-changes: gnutls28_3.6.7-4+deb10u11_source.changes
- Debian-source: gnutls28
- Debian-suite: oldoldstable
- Debian-version: 3.6.7-4+deb10u11
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.seger; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=nsGShS7lwxcg7paEXSmXbJHrX2Fz/lewX2StF0M6TTs=; b=btmshjjrfSGdsyGwRBQLzIdab+ FhMCkjn5JAHC4FH0x94Flyrj/ZmklIMzjwsPR9baUxYhGQSXZX8s27nb+D9JzTACLxjQRvJFTEi4B gnhFsyCiF1bZuRBg/+1fSMXlkjG3iXa/66ESoJ0/VdQHN7CbuvXIXBDVOWkiXeWoWCCXqbb2JLqDt xP7LdOb+g3IEF8mB9JBiH7wZw09cxO1ds+regBPf9r8aj0roDncPLIE8hml+NmJpEqG6bfh5MinAK jblrHn4hzbyshuzqIeKiKEPyPRP2ThdeqXPHPTa6vv6dConDun0NF6zaMdu7LwjsT/QVjrTvqcg+4 EMciYWLQ==;
- Mail-followup-to: debian-lts@lists.debian.org
- Message-id: <E1r5rpk-00GHJz-Uu@seger.debian.org>
- Reply-to: debian-lts@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Wed, 22 Nov 2023 19:05:59 CET
Source: gnutls28
Architecture: source
Version: 3.6.7-4+deb10u11
Distribution: buster-security
Urgency: high
Maintainer: Debian GnuTLS Maintainers <pkg-gnutls-maint@lists.alioth.debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Checksums-Sha1:
ee85d93231e41d4b6a7450ce4576f9af01802758 3265 gnutls28_3.6.7-4+deb10u11.dsc
59850cdf9cb59c2fa97bc0957db540fbd222c822 103904 gnutls28_3.6.7-4+deb10u11.debian.tar.xz
c22cb5aeec0d3a2ecf016ed9461c4ff35b543598 11580 gnutls28_3.6.7-4+deb10u11_amd64.buildinfo
Checksums-Sha256:
973b459a8c0fa5019354b1d903f727f505aea77ca9e1a250dea3ad5f9eea2797 3265 gnutls28_3.6.7-4+deb10u11.dsc
81e40a799a93438cdf14cd01ab1c73b4841d7d524cf018a9e764911af13a05af 103904 gnutls28_3.6.7-4+deb10u11.debian.tar.xz
8d295b184b730271830fc3d11d2d1c2cf219b41b23054061a3e7e11806ea667f 11580 gnutls28_3.6.7-4+deb10u11_amd64.buildinfo
Changes:
gnutls28 (3.6.7-4+deb10u11) buster-security; urgency=high
.
* Non-maintainer upload by the LTS team.
* Fix CVE-2023-5981:
A vulnerability was found in GnuTLS, a secure communications library, which
may facilitate a timing attack to compromise a cryptographic system. The
response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ
from response times of ciphertexts with correct PKCS#1 v1.5 padding. Only
TLS ciphertext processing is affected.
Files:
852b85ee2868bbb0896562a74c078c74 3265 libs optional gnutls28_3.6.7-4+deb10u11.dsc
f9c0ea533c01de485d6fef1405593b61 103904 libs optional gnutls28_3.6.7-4+deb10u11.debian.tar.xz
4520b7eca1f8864a839583fb79221a8d 11580 libs optional gnutls28_3.6.7-4+deb10u11_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmVeQ5ZfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1Hk4g0P/2p413nuP5khngR/jrTWvJq0P/aYXQmdZn90
YejU3CgnXOQcpff7joE4/PBfHEE8khULhSHHe5nZU0VnfN4iSVgUmZbgkpwytKpZ
IYMVp65oPQDY2Bupf7zK/TMIT5JaecuDa0a3mJvF+MacuixfV6PtYAzUB9xKSOGV
Gqb4V6qb47VnWZFTUUwBcVE+BbDxhUUxd0HKRWdCZUgSXYpS30jYoniFXtwMkzou
kwR8rFqL02xg2BALgv0JNxUWRRRWBjaAOR7zCgl9br1JiSSpCu1m3mro5cVhPi3x
fv3CZ4GCzzGkDBavx3Ypmhpz7mWIcH/CWlT7U9EdQYZhpjmfGP53g9HV7f0YbxxB
6fT73I5UG/7eHxgM0/j4gY5fVlZl0i0bjc56gR+Ov91qvm5nS4oQeXjXtIDfX8ef
9lFI9AjtlNnzDhzv46IeLPFgIWrhkYrM3SuAuQwhqytZeybHPOjP93xa6FMV49zV
V8PekL1kKgHd/XbdgLLbXtoIGZA6i+fLg2kVlX32M6jAGLC+qYkcEWUjjvGLJFy4
uEIe3SKScronS4wV5TsP8hMwAowaCuN1G6K6B4MJpGJCJVgdEnJMCZHlfEMmGW33
MnB0vTdd0XbzDYNO3xdOsWBVb3iqwmNhAPkB3xMKNZ6I0DWAItKrZ3kC6CHueyFT
8whDl+8x
=b6lZ
-----END PGP SIGNATURE-----